Been more than a year since you updated the privacy policy and terms on your website? The last time you even looked 
at them, nobody had heard of Justin Bieber? [Glorious days, indeed!] If so, let’s take a look at the steps required to get your website legal documents up to date so you are in compliance with recently enacted laws and important court decisions impacting online businesses.
Need To Update?
Do you really need to update your privacy policy and terms? Yes! New laws and regulations are enacted each year. If you fail to comply with these new requirements, you are in breach of them and inviting legal action. Let me give you an example.
In 2013, California passed an amendment to the California Online Privacy Protection Act. It requires websites to disclose if they follow “do not track” signals from browsers in their privacy policies as of January 1, 2014 among other new disclosure requirements. If you haven’t updated your website since Twilight referred to a time of day and not a bad vampire movie, well, you are in violation of this and many other laws.
The days of the internet being an unregulated business environment are long gone. Not only do legal standards now exist, you are expected to know those standards and comply with them without exception. This effectively means privacy policies and terms of use must be updated on a yearly basis.
Just Update?
Can you just change the language in your website legal documents and get on with running your business?
In a word – no.
Both the privacy policy and terms of use statements act as contractual agreements with your visitors. Numerous courts have held website operators cannot update the terms of these agreements unilaterally, which is to say without the consent of the site users and visitors. This renders the contract illusory, and it is not binding upon those people. Practically speaking, this means website owners need to give notice to their site users that changes are being made to the legal documents. The users must then be given a procedure for accepting or rejecting the changes.
Read, Read, Read
The first step in updating your terms and privacy policy is to actually read the versions already up on your website. Each should contain clauses detailing what needs to be done to “amend” or “modify” the documents. If a competent attorney prepared the agreements, you should be able to follow those directions without much difficulty.
There is, however, one big caveat.
If the documents contain an amendment clause that states something along the lines of, “we can amend the terms at any time in our sole discretion and you agree to the changes by continuing to use the website“, then you have a problem. This is not an appropriate approach to updating the terms and privacy policy. When Zappos.com had its terms of use ruled invalid and thrown out by a court not too long ago, this type of language was cited as one of the reasons.
Judges are starting to understand how the web works as well as the fact few people every actually read the terms or privacy policy of a website. In light of this, website operators must do more than might be the case in a normal business transaction when it comes to amending website legal documents. Giving proper notice to site users is a minimum requirement and, depending on the nature of your website, creating a method for site users to accept or reject the changes may be required as well.
Updating the terms and privacy policy of a website is much like changing the oil in your car. It isn’t so much something you want to do as something you need to do to prevent potential legal problems. If you believe an “oil change” might be in order for your website documents, contact me for a free consultation.
Richard A. Chapo, Esq.
@richardachapo