Data and Privacy Policies: Is Your Business Compliant?
Recently, Facebook landed itself in hot water with respect to its use of personal data, which resulted in a barrage of emails from service providers and/or social media platforms advising you to review and agree to their updated terms and policies. This comes as no surprise given the recent Facebook data breach scandal that has affected over 80 million of its users. The aftermath has triggered a wave of change for many service providers to update their terms and policies and be more transparent with their members about how they store, protect and use their customer’s data. Every business that accumulates personal data needs to take stock of its data management policies and procedures. Preparedness is not limited to the social media behemoths.
What Are the Main Considerations? In light of the current issues related to data privacy and integrity arising in the US and Canada and the risk associated with data breaches, here are a few things you need to think about if you have an online business:
How are you protecting your customer’s data?
Where is your customer’s data stored?
How are you protecting your customer’s private information?
Transparency Among the notable changes, transparency is a key to all of the updated terms and policies. To sum, the service providers and social platforms are fully disclosing and identifying their corporate structure as well as their affiliated partners and related companies. They are also releasing details on the type of information they are gathering from a customer’s use of their website or application, and whether they sell the users data to other third parties and what they share with advertisers and partners.
Legislative Changes Around the World While some service providers are making updates to their terms and policies ahead of any active legislature, some countries are amending their laws to require companies that own, license or maintain personal information to implement and maintain reasonable procedures and practices to prevent the unauthorized acquisition, use, modification, disclosure, or destruction of personal information collected or maintained from its customers.
What Does This Mean for Your Business? As data privacy and security issues continue to take headlines with increasing frequency and the handling of individual data becomes a more widespread public concern, companies need to carefully monitor and manage these ever-changing legal requirements because they represent potential points of liability, even in the absence of a data breach.
If you run an e-commerce business, compliance with data breach laws and data protection best practices should be a top consideration for companies collecting, processing, or storing individual data. The evolution in this area is not limited to Canada or the United States. Companies should remain aware of international developments in the realm of data privacy and security for any country from which you may do business or attract customers.