TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS

In this month’s Contract Corner, we are highlighting considerations for drafting an up-to-date privacy policy. In Part 1 of this series, we provided background on the general legal landscape for privacy policies in the United States and general issues that need to be addressed for an up-to-date policy. In this Part 2, we will provide some specific pointers on drafting, updating, and disclosing such policies.

Additional Information to Include

In addition to the list of items that should generally be covered in every privacy policy we provided in Part 1, the following are additional items you may need to set out in your specific privacy policy:

  • Directions for customers to access and update data (e.g., password resets, contact information updates, and mechanisms for unsubscribing)
  • Contact details or other means of reaching persons in your organization that can address user queries or concerns
  • Information regarding notifications when the privacy policy is updated (see below for considerations when reviewing and updating your policy)
  • Mechanisms for users to agree to and accept the terms of the privacy policy, as well as means for users to opt out

Drafting and posting a clear, concise, and accurate privacy policy is one of the most important tasks when creating a company’s website, particularly given today’s legal and regulatory environment. Privacy policy legal requirements are becoming more stringent and shortcomings less tolerated, and consumer sensitivity to privacy concerns are at an all-time high.

Despite these concerns, many companies’ policies are seemingly insufficient. A recent opinion piece published as part of the New York Times’ Privacy Project assessed 150 privacy policies from various companies and found that the vast majority of them were incomprehensible for the average person. At best, these seem to have been “created by lawyers, for lawyers” rather than as a tool for consumers to understand a company’s practices.

In this month’s Contract Corner, we will highlight considerations for drafting an up-to-date privacy policy. Part 1 of this month’s Contract Corner will provide background on the current legal landscape for privacy policies in the United States and general issues that need to be addressed.

Does your website or application collect user data? Does your company sell that user data to other third parties, such as advertisers? Does your company disclose this practice to your users in a privacy policy or terms or use? If you answered yes to these questions, you are most certainly not alone. But is your disclosure sufficient? That is the question a new challenge is poised to answer.

As 2018 comes to a close, we have once again compiled all the links to our Contract Corner blog posts, a regular feature of Tech & Sourcing @ Morgan Lewis. In these posts, members of our global technology, outsourcing, and commercial transactions practice highlight particular contract provisions, review the issues, and propose negotiating and drafting tips. If you don’t see a topic you are interested in below, please let us know, and we may feature it in a future Contract Corner.

Join Morgan Lewis at our Boston office on Wednesday, December 6 for an interactive event on top issues impacting commercial and transactional lawyers and sourcing professionals. The event will kick off with a collaborative discussion on negotiations and strategies in commercial and technology transactions, followed by a presentation on ethical issues for transactional lawyers.

Morgan Lewis partner Don Shelkey, of counsel Emily Lowe, and senior attorney Ada Finkel will speak at the event.

Morgan Lewis is hosting an interactive event regarding top issues impacting commercial and transactional lawyers and sourcing professionals on December 6 in Boston. The event will kick off with a collaborative discussion on negotiations and strategies in commercial and technology transactions, followed by a presentation on ethical issues for transactional lawyers. Morgan Lewis partner Don Shelkey, of counsel Emily Lowe, and senior attorney Ada Finkel will be speakers at the event.

Discussion topics will include the following:

  • Current trends in commercial and technology contracts
  • Commercial due diligence and transition service agreements
  • Online presence management questions
  • Ethics for lawyers on social media

The discussion will be followed by lunch and a networking reception. We hope to see you at the event!

Register for the interactive “Review and Negotiation of Strategic Commercial Agreements” event in Boston.

A recent decision issued by United States District Court Judge Robert Scola found that the website of an owner and operator of a chain of regional grocery stores is subject to Title III of the Americans with Disabilities Act (ADA) as a service of a public accommodation, and must be accessible to persons who are visually impaired. Gil v. Winn-Dixie Stores, Inc. appears to be the first trial on the issue of whether a website is covered by Title III of the ADA.

Geotargeting—delivering content to users based on their geographic location—has become a popular and effective marketing tool. Yet proper implementation may be more nuanced than originally contemplated because certain locations, like medical facilities, attract intense privacy fears.

Massachusetts Attorney General Maura Healey recently announced a settlement of the commonwealth’s investigation of a digital advertising agency’s practice of establishing virtual fences (a/k/a geofencing) around reproductive health clinics and methadone clinics and then sending related third-party advertisements to mobile devices that had entered the virtual zone.

A seismic shift is afoot in the intelligence, complexity, and interconnectedness of everyday products, and the flimsy foundation of customer assent to standard terms will continue to crack, if not collapse. We recently noted some relatively straightforward adjustments that manufacturers can make to their standard terms to address issues related to e-commerce portals. The Internet of Things (IoT), however, could render the old contracting process (not just old products) obsolete. We highlight some challenging IoT contractual considerations below. A more comprehensive and academic treatment of the topic can be found here.

We get it. You sell widgets. You’ve always sold widgets. Your time-tested terms of sale/purchase have served you faithfully through product, industry, and economic cycles. You don’t sell apps or clouds, so why should this brave new digital world shake up your contracting process? If you have a portal or provide other electronic access to your counterparties, it’s probably time to dust off your trusty standard terms.

The Status Quote

Your process might be well established. You attach your standard terms to your purchase orders and invoices. You disclaim your warranties while making your suppliers promise the moon. Your potential liability is infinitesimal while you conveniently neglect to limit your counterparties’ liability. You include some magic “battle of the forms” language so that your favorable terms will prevail. All pretty standard practice thus far (if you haven’t gotten around to negotiating and executing formal supply agreements).