As more and more broadcasters create and use websites (and, to some extent, are required to post more information on those sites by the FCC, see our post here), they should be cautious about the legal liabilities that arise from these sites. For instance, as websites are used to gather personal information for listener’s clubs, news alerts or for e-commerce purposes, the site owners need to be concerned about privacy issues. Many states are now requiring privacy policies to be posted on websites that gather personal information. In a recent decision, the Federal Trade Commission entered into a consent decree with a website owner who had not abided by the privacy policy that it posted, requiring that the site owner hire security consultants and regularly file reports, for the next 20 years, with the FTC on its efforts to comply with its policies. This case is a demonstration that website owners should not casually adopt privacy policies without fully understanding and adhering to their terms.
Davis Wright Tremaine’s Privacy and Security blog features a summary of this consent decree and explains the ramifications of the decision. Broadcasters and other website owners should learn from this decision that they should not blindly copy a privacy policy that they find on some other website and adopt it as their own. Instead, they need to carefully craft a privacy disclosure that honestly discloses their policies and practices. In this case, the website owner promised that personal information would be maintained in a secure fashion, yet the FTC found that simple hacking techniques were able to get access to that information. For website owners who are collecting private information, and promising privacy and security, to avoid legal issues in the future, make sure that you are living up to your promises.