I see a growing trend in organizations trying to gut the promises made in their website privacy policies through sneaky wording they place in their rarely read “Terms of Use” statements.
Over the past few months I have heard from some CISOs and CPOs who are concerned at some of the wording that their legal counsels are suggesting they put on their web sites. And rightly so. Why? Because the considered “Terms of Use” statements seem to be, 1) trying to eliminate all liability to the organization for anything bad that happens to the personally identifiable information (PII) submitted to or accessed from the site; 2) basically nullifying the posted privacy policy; and 3) trying to require the website user to agree to these terms just by using the site…no active acknowledgment or agreement necessary.
Here is a composite from around half of a dozen of these worrisome passages from the considered drafted Terms of Use statements that I’ve seen…
Posts Tagged ‘terms of use’
Do Your Terms Of Use Try To Gut Your Privacy Policy Promises?
Sunday, May 18th, 2008Tags:awareness and training, FTC, FTC Act, implied consent, Information Security, IT compliance, policies and procedures, privacy, risk management, security awareness, security training, terms of use, website privacy policies
Posted in Privacy and Compliance | No Comments »