The internet is one of the most important tools humankind has ever developed. The average person has access to an almost infinite well of information on the world wide web. Instantly we can learn about anything and communicate with anyone anywhere. Unfortunately, the side effect of this amazing technology is often the lack of privacy and security. Each internet users’ personal data can be used in any number of ways both innocent and nefarious. Understanding privacy policy practices and taking steps to improve your privacy and security online can help save internet users from data breaches and leaked information.

User Perspective

Firstly, we should understand best practices from a user’s perspective. So what should one look for when evaluating a privacy policy? A website should disclose how they are utilizing user data with as much transparency as possible. This disclosure should include how the data is gathered and what happens to the data once afterward. Take for example an accredited investor interested in investing in a new Rule 506(c) fund. The investor googles Rule 506(c) investment opportunities and gets two different results. Below are the privacy policies for those two funds. Which one should the investor trust with their data?

• Example 1: We do not store credit card information. We encrypt all information on our site, including email communications.

• Example 2: We store credit card information for both paid and free users. We do not encrypt our website or email communications to keep costs low for the customers.

If you chose Example 1 as the more trustworthy company, that is correct. As you can see as both an investor and an issuer how you read or write a privacy policy respectively has a huge impact on business success. In addition, users should look for features such as two-step authentication, secure connections, and encrypted communications.

Website Perspective

For websites, being honest and transparent about privacy policies is a great way to build trust. Being forthright with your policy by including it in account setup or even when the user accesses your website, ensures that the users understand what happens to their data. Furthermore, making your privacy policy very visible ensures you are meeting the law requirements that are associated with data usage online. There are many laws associated with privacy policies, such as Children's Online Privacy Protection Act in the United States and California Online Privacy Protection Act in California. Internationally, there are laws such as the Data Protection Act of 1998 in the United Kingdom and the Personal Information Protection and Electronic Documents Act in Canada.

Data breaches are disastrous for a company’s PR. Maintaining security and protecting your users’ data can help curve unwanted breaches. Major data breaches such as Yahoo in 2013 and Facebook in 2019 can leave irreparable damage to a company’s reputation. Maintaining sophisticated security measures and protecting the data you store from your users is always worth the cost.

Overall, it is very difficult to use the internet and modern computing devices without giving up some of your virtual data rights. At least the pendulum has swung in such a way that companies are trying hard to make users feel safe with better privacy policies.