Privacy Policies, Copyright Infringement, Spam, Oh My!
You took your business online because technology made it easier. While a lot of the tutorials and “user-friendly” applications make it sound like the whole business of running a business online can be accomplished by anyone, you’ve figured out there’s a bit more to it than that. Whether you’re running a strictly online venture or you’ve added social media and a web presence to your real-world business, there are some legal requirements for websites that you might not know. We’ve compiled an easy-to-read list to help as you manage your website.
Legal Requirements for Websites
Like most things in the legal realm, the wording of the actual statutes is lengthy, often confusing, and not the most exciting read. So, we’re going to give you an overview of a few important points to keep your website on the right side of the law. Note: we’re not attorneys, so we strongly encourage you to consult one to apply these concepts to your business.
- GDPR. The General Data Protection Regulation is a European law protecting the rights of EU citizens. GDPR specifically looks at how a website records a visitor’s information, and what it does with it. You might be asking why you should care about laws in Europe. Well, if you have any customers, or website visitors, in the European Union and your company does not comply with their data laws, you could face prosecution.
- CCPA. The California Consumer Privacy Act is California’s version of GDPR. It is designed to protect the data of customers interacting with businesses in California in much the same way as the European legislation. CCPA specifically focuses on companies of a certain size, or businesses that make money from selling customer information. As a reference, read through our CCPA article to better understand if your business is implicated. If you’re not based in California, don’t breathe a sigh of relief just yet. Other states are also considering bringing in their own online privacy legislation.
- eCommerce Considerations. This is a wide topic. Any online transaction is governed by the same laws which govern an in-person transaction. Your online presence may also include public user boards, and your user terms of service should be in place. You should also have a “take down” policy for items that are deemed defamatory or in violation of copyright or trademark laws. If you’re selling on your website, make sure you have encrypted personal information via HTTPS.
Essentially, all websites should have HTTPS protection. Google has been pretty clear about web and privacy. It’s even more important for sites handling financial transactions.
- Collection of Personal Information. There are specific laws which govern the collection of personally identifiable information (PII), such as IP addresses. If you’re collecting PII with analytics or through the function of your online presence, make sure you’re aware of all of the laws that apply.
- Copyrighted Content. Your own content should be protected from copyright infringement through the use of copyright symbols and notices stating the conditions for any reproduction of your content. You should also research safe harbor laws to make certain you’re protected from claims of copyright infringement. From an SEO point of view, this is also important because if you are caught with content that is not unique on your website, your content may be subject to a Google penalty.
- Content Attribution. It’s important to include attribution for any work not created or purchased by your company. This applies to written content as well as photography and graphics. Creative Commons images can be easy on your wallet, yet there are differing levels of attribution. Be aware of the usage rights and follow them.
If you’re using primary photography, such as employees or customers interacting with your brand, make sure you have the appropriate release forms signed before uploading to your website.
- The CAN-SPAM Act. You’re probably aware of CAN-SPAM. Even so, it’s worth a mention. Misuse of any type of email marketing can lead to fines. We recommend using tools like MailChimp or other email service providers (ESPs) to send out mass emails. MailChimp automatically flags any spammy tactics you might inadvertently use. But it won’t catch everything. Make sure you’re in compliance with the FTC’s rules and regulations. Getting permission from your leads before you email them is vitally important, and not just because of the FTC risks and related fines. Permission-based marketing is a much better way of nurturing customers than spray-and-pray spam tactics.
- Accessibility. This is exactly what it sounds like. You might be surprised to know that there are rules guiding your website’s accessibility for the disabled. In 2019 we saw a number of lawsuits over the Americans with Disabilities Act (ADA). If you’re not familiar with the Supreme Court and Domino’s, it’s worth a read. In 2020 we anticipate rising awareness of making websites accessible to everyone. The more visitors that can use your site, the better.
This list is in no way complete. Yet it’s a good start as you research your website’s compliance requirements. If you’ve read through the laws and aren’t sure how to implement them, we highly recommend hiring legal counsel.
What other legal requirements for websites would you add to our list?
How can we help?
Want to implement schema markup on your WordPress website? Looking to improve how you appear in organic search?
We are The Spectrum Group Online, and we offer strategic and tactical consulting so you can monetize your online presence. Call us for a complimentary 30-minute consultation to discuss your website’s user experience and translate that into sales.
photo credit – top: Michael Coghlan
photo credit – body: Rohan Kar