TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS

In this month’s Contract Corner, we are highlighting considerations for drafting an up-to-date privacy policy. In Part 1 of this series, we provided background on the general legal landscape for privacy policies in the United States and general issues that need to be addressed for an up-to-date policy. In this Part 2, we will provide some specific pointers on drafting, updating, and disclosing such policies.

Additional Information to Include

In addition to the list of items that should generally be covered in every privacy policy we provided in Part 1, the following are additional items you may need to set out in your specific privacy policy:

  • Directions for customers to access and update data (e.g., password resets, contact information updates, and mechanisms for unsubscribing)
  • Contact details or other means of reaching persons in your organization that can address user queries or concerns
  • Information regarding notifications when the privacy policy is updated (see below for considerations when reviewing and updating your policy)
  • Mechanisms for users to agree to and accept the terms of the privacy policy, as well as means for users to opt out

Drafting and posting a clear, concise, and accurate privacy policy is one of the most important tasks when creating a company’s website, particularly given today’s legal and regulatory environment. Privacy policy legal requirements are becoming more stringent and shortcomings less tolerated, and consumer sensitivity to privacy concerns are at an all-time high.

Despite these concerns, many companies’ policies are seemingly insufficient. A recent opinion piece published as part of the New York Times’ Privacy Project assessed 150 privacy policies from various companies and found that the vast majority of them were incomprehensible for the average person. At best, these seem to have been “created by lawyers, for lawyers” rather than as a tool for consumers to understand a company’s practices.

In this month’s Contract Corner, we will highlight considerations for drafting an up-to-date privacy policy. Part 1 of this month’s Contract Corner will provide background on the current legal landscape for privacy policies in the United States and general issues that need to be addressed.

Does your website or application collect user data? Does your company sell that user data to other third parties, such as advertisers? Does your company disclose this practice to your users in a privacy policy or terms or use? If you answered yes to these questions, you are most certainly not alone. But is your disclosure sufficient? That is the question a new challenge is poised to answer.

As 2018 comes to a close, we have once again compiled all the links to our Contract Corner blog posts, a regular feature of Tech & Sourcing @ Morgan Lewis. In these posts, members of our global technology, outsourcing, and commercial transactions practice highlight particular contract provisions, review the issues, and propose negotiating and drafting tips. If you don’t see a topic you are interested in below, please let us know, and we may feature it in a future Contract Corner.

Join Morgan Lewis at our Boston office on Wednesday, December 6 for an interactive event on top issues impacting commercial and transactional lawyers and sourcing professionals. The event will kick off with a collaborative discussion on negotiations and strategies in commercial and technology transactions, followed by a presentation on ethical issues for transactional lawyers.

Morgan Lewis partner Don Shelkey, of counsel Emily Lowe, and senior attorney Ada Finkel will speak at the event.

Morgan Lewis is hosting an interactive event regarding top issues impacting commercial and transactional lawyers and sourcing professionals on December 6 in Boston. The event will kick off with a collaborative discussion on negotiations and strategies in commercial and technology transactions, followed by a presentation on ethical issues for transactional lawyers. Morgan Lewis partner Don Shelkey, of counsel Emily Lowe, and senior attorney Ada Finkel will be speakers at the event.

Discussion topics will include the following:

  • Current trends in commercial and technology contracts
  • Commercial due diligence and transition service agreements
  • Online presence management questions
  • Ethics for lawyers on social media

The discussion will be followed by lunch and a networking reception. We hope to see you at the event!

Register for the interactive “Review and Negotiation of Strategic Commercial Agreements” event in Boston.

A recent decision issued by United States District Court Judge Robert Scola found that the website of an owner and operator of a chain of regional grocery stores is subject to Title III of the Americans with Disabilities Act (ADA) as a service of a public accommodation, and must be accessible to persons who are visually impaired. Gil v. Winn-Dixie Stores, Inc. appears to be the first trial on the issue of whether a website is covered by Title III of the ADA.

The Federal Trade Commission (FTC) recently sent more than 90 letters to online “influencers”—including marketers, celebrities, and athletes—reminding them of the truth-in-advertising standards for endorsements and the FTC’s Guides Concerning the Use of Endorsements and Testimonials in Advertising (FTC Guides) applicable to such endorsements. In their May 2017 LawFlash, Morgan Lewis partners Rochelle Alpert and Karen Butcher examine the context of these letters and discuss common pitfalls and best practices to avoid scrutiny.

Geotargeting—delivering content to users based on their geographic location—has become a popular and effective marketing tool. Yet proper implementation may be more nuanced than originally contemplated because certain locations, like medical facilities, attract intense privacy fears.

Massachusetts Attorney General Maura Healey recently announced a settlement of the commonwealth’s investigation of a digital advertising agency’s practice of establishing virtual fences (a/k/a geofencing) around reproductive health clinics and methadone clinics and then sending related third-party advertisements to mobile devices that had entered the virtual zone.

A seismic shift is afoot in the intelligence, complexity, and interconnectedness of everyday products, and the flimsy foundation of customer assent to standard terms will continue to crack, if not collapse. We recently noted some relatively straightforward adjustments that manufacturers can make to their standard terms to address issues related to e-commerce portals. The Internet of Things (IoT), however, could render the old contracting process (not just old products) obsolete. We highlight some challenging IoT contractual considerations below. A more comprehensive and academic treatment of the topic can be found here.