Technology is changing rapidly, so it is especially important for law firms to be vigilant in their privacy policies and retention of data received from their websites. If you have a publicly listed email address or a “contact us” form on your website, keep reading.
By Ruby Lau
Attorneys need to keep up with the latest privacy law, even if that is not their practice area.
In addition to complying with the laws regarding privacy law in your country and the relevant regulatory bodies, it is essential to stay up to date on the changes which may occur. Depending on the reach of your website, you may even need to comply with privacy statutes outside of your own jurisdiction.
Privacy policies can be applicable in a law firm setting during the hiring process, when retaining clients, or simply in the case where users are visiting the firm’s website – basically any time you are requesting or receiving information online from the public.
Law firms face additional risk because they can be held liable for misuse of data received on their websites under privacy laws and under professional rules of conduct.
If you are an attorney reading this, you are likely well aware that the information in this article should not be considered legal advice. However, our resident attorneys here at Documate insist that we mention this.
Optionally, you could include a clause regarding the deletion of data about the individual after a certain length of time. For instance, the GDPR contains a clause regarding the right to be forgotten without undue delay, which in most cases gives people the right to ask an organization to delete their personal data in around a month’s time.
No, not your snack intake. In this context, cookies refer to data created on a website to identify you when you visit that website.
Cookies can track your personal information, online activities across different websites, or other online services. This information is then used in behavioral advertising or other targeted content. However, using cookies without proper permissions and data policies can expose you to liability.
If you have a “contact me” section on your website, or if you have a sign-up form for email newsletters, you need to be aware of how you collect and store the contact information from your website.
Approximately 60% of tested applications and policies likely violated the relevant laws.
Even though the privacy laws are constantly changing, the good news is you can leverage legal technology to help you. For example, Termageddon created a legal tool to provide embeddable website policies that automatically update as the laws change. You can even license Termageddon’s policies for your own clients to use.
If you are in Canada, check out jusTech, which provides a free policy tool and breach reporting tool (both built on Documate!).
If you want to write your own, you can find sample policies on most legal research platforms. However, you’ll need to regularly check your applicable privacy laws and manually update your policy.
Additionally, you can make your policy “machine readable.” This allows the reader to set their privacy preferences instead of having to read lengthy data policies to look for the information they need.Look for tools like the Platform for Privacy Preferences (P3P), which allows the coding of a policy in XML, a mark-up language for formatting text. With this platform, websites can specify policies in a uniform manner which can be read and presented by website browsers or a policy display application .
Productizing is on the rise. Here are the market levers changing the future of legal service delivery.
The nuts and bolts of productizing your practice through document automation and end-to-end legal applications.
Sign up for our newsletter to get product updates, exclusive client interviews, and more.