- TALK TO SALES: +1 (919) 957-6150
All online entities that gather information from their visitors, customers, or members, is required by the Privacy Act of 1974 to provide a clear description of a website or business’s policy on the use of information collected from and about website visitors and what they do, and do not do, with the data. For most businesses this includes how information is collected, stored, and shared with partners or sold. The exact contents of a privacy policy will depend upon applicable laws and may need to address requirements across geographical boundaries and legal jurisdictions.
The Privacy Policy got its roots in the United States, during the late 1960’s and 1970’s when Congress passed the Fair Credit Reporting Act. Although it was not a privacy law, it placed restrictions on the use of information in credit reports and gave consumers the legal right to examine their credit files and correct errors if necessary. This was the beginning of many questions examined by several congressional study groups in the late 1960s, which noted the increasing ease with which automated personal information could be gathered and combined with other personal and information that should be protected from exploitation. One such group was an advisory committee of the United States Department of Health and Human Services (HHS) which in 1973 drafted a code of principles called the Fair Information Practices. And this work evolved into the Privacy Act in 1974. The United States enacted the Organization for Economic Co-operation and Development guidelines in 1980.
Although this act was not designed to be a privacy law, the act not only gave consumers the opportunity to examine their credit files and correct errors it also placed restrictions on the use of information in credit records. The core principles behind these investigations are based on the Constitutional principles of the individual’s right to autonomy both physically and morally.
As the Internet and resulting online activity expanded, most countries of the world enacted their own laws and regulations as they applied to information gathering and privacy. In Europe the protections to individuals extends to both private enterprises and commercial transactions, as well as government operations.
The U.S. doesn’t have a comprehensive federal regulation that establishes universal implementation of a privacy policy. Although from time to time Congress has attempted to implement an overarching set of regulations for the collection of information online, it hasn’t happened yet. However, in many cases the Federal Trade Commission does enforce the terms of privacy using the authority granted by Section 5 of the FTC Act which prohibits unfair or deceptive marketing practices. The FTC’s powers are statutorily restricted in some cases; for example, airlines are subject to the authority of the Federal Aviation Administration (FAA), and cell phone carriers are subject to the authority of the Federal Communications Commission (FCC). And in many cases, private parties enforce the terms of privacy policies by filing class action lawsuits, which may result in settlements or judgments.
