MenuClose

Bad Things Can Happen on Good Websites – Including Yours?

November 4, 2021


Could your website be undermining your Privacy Policy?  A recent set of articles on The Markup, a nonprofit newsroom that investigates how organizations are using technology to change society, details how it can happen even to an organization with the best of intentions.  There are plenty of “free” tools available, but as one website creator put it:  “If it’s free, that doesn’t mean it’s free. It just means it doesn’t cost money.”   Indeed, according to reports by The Markup, all of those freebies may cause the site’s users to unwittingly pay with their privacy.  And now that class actions claiming invasion of privacy are so common, it’s also clear that when companies are not upfront about data-tracking, they are vulnerable to costly litigation.

By this point in our online lives, most of us understand that commercial websites collect at least some of our data.  But The Markup recently found that even nonprofit organizations—both large and small—are prodigious data trackers, regularly using “session recorders” (including keystroke capturing) as well as more mundane data gathering tools.  What makes these findings especially concerning is that the types of organizations that are gathering data include those involving highly sensitive information.  For example, the Markup found that Planned Parenthood’s website had “28 ad trackers and 40 third-party cookies tracking visitors,” including those “that tell Facebook and Google if users visited the site.”

How does this happen?  While Planned Parenthood did not dispute that it “shares data with third parties, including data brokers,” it seems that many small non-profits have no idea that, for example, by using the “free” version of certain popular plug-ins, they are exposing their visitors to  third-party trackers that gather data used to serve advertisements to the user.  The Markup found that many of these trackers loaded without the website operators’ “explicit knowledge.”  The report found that websites that served undocumented immigrants, abuse survivors, and abortion providers all had trackers on their websites, even though not all disclosed this information to their visitors.

These reports should be a wake-up call for any organization (or individual) that has a website, especially those that use free or low-cost add-ons.  While tech heavyweights have the resources and market-share to survive a class action or two, not every organization has that luxury.   This is another example where when it comes to e-commerce, what you don’t know can hurt you.

But an ounce of prevention is worth a pound of cure, and this sort of self-inflicted digital crisis can be largely avoidable with appropriate planning and preparation.  If you would like to learn about the steps you can take to avoid these kinds of pitfalls, we are here to help with everything from website review and guidance on drafting appropriate privacy policies to crisis preparation and, if necessary, management.