People fall into two camps where online privacy is concerned: The first are the “Obsessed,” i.e. people who are driven to learn and understand everything about it, and to control their own online privacy. The second are the “Whatevers,” i.e. everybody else, who knows they “should” be concerned, but for whom privacy is not important enough to be on their radar.

As web users we flit from website to website looking for something – the answer to a question, products to buy, cat videos to entertain us – and we’re too busy to be concerned about the information being collected as we do that; however, if you are responsible for a website, put yourself in the obsessive category.  You need to at least cover the basics where privacy is concerned, and if you collect personal information it’s wise to explain that.

Where is Your Privacy Policy?

Are you tracking visitor behavior with Google Analytics? If you are, I’m willing to bet that you did not read through Google’s terms of service, in which you agreed to post a privacy policy:

You will have and abide by an appropriate Privacy Policy and will comply with all applicable laws and regulations relating to the collection of information from Visitors. You must post a Privacy Policy and that Privacy Policy must provide notice of Your use of cookies that are used to collect traffic data, and You must not circumvent any privacy features (e.g., an opt-out) that are part of the Service. (Google’s terms of service)

Now, I’m also willing to bet that your website does not have a privacy policy. Google isn’t policing the interwebs, and it’s unlikely you’ll be caught in violation, but posting a privacy policy is still a great idea.

Why bother?

Do your visitors need to know about cookies? The majority of visitors to your website are going to be in the “Whatever” camp, and you might not be capturing “personally identifiable” information, but you do track behavior, e.g. which pages are visited, on which day and for how long by using cookies – via the Google Analytics code installed on your website. You should be transparent about this practice.

Posting a privacy policy is the right thing to do.

Yet more info about your visitors?

Google recently upped the ante in privacy issues by adding the ability to activate Demographic Reports; using third party cookies which track visitor behavior on an array of sites, including yours. Third party cookies essentially follow a visitor across websites and social media. From the data collected, Google Analytics distills the visitor’s age, gender and interests. If you activate Demographics Reports, your privacy policy needs to explain this different level of tracking, and – importantly – let the visitor know how to opt out.

If there is a chance that your website attracts or interacts with children under the age of 13, special laws apply to both your privacy policy and how you use any information collected. You need to learn what COPPA (Children’s Online Privacy Protection Act) is about, and take the law seriously. Shed that “Whatever” attitude and consult an attorney!

Ditto for conducting business in countries where people and their government take privacy seriously.

Set an Example: Be Transparent

The frenetic way we use the web has made us complacent about privacy issues, but as business owners we need to know how the issues relate to our own website. I guarantee data collection will become more, not less, complicated in the future.

Simply begin by writing a privacy policy, uploading it to your website, and linking to it. At least explain that your website uses cookies to track which pages are popular. (You are welcome to contact me, if you want help.) If you use the Demographics and Interests option in Google Analytics, you need to provide a way to opt-out.

By being transparent about data collection on your website, you show a level of responsibility. When enough of us do it, we ward off having legislation require it.

Privacy Forum in Washington, DC

drone-artOn a personal note, I organized an event sponsored by the Assn for Women in Communications to discuss privacy issues in relation to the data collected by domestic drone surveillance. “Drones, Privacy & You” is offered as a way for everybody to learn and weigh in…and to convert both the Obsessed and the Whatevers to a body of citizens who are concerned about and willing to influence the privacy that will soon impact us.