Your company has just launched an innovative new social media service, and you’ve received fanfare from the press, increased website traffic, and a spike in advertising revenues. In short, the service is a complete success — until you’re served with a class action complaint seeking millions of dollars in damages and a civil investigative demand from the FTC. What did you do wrong, and what can you do to get out of this mess?
That’s the question that I recently explored as a part of a panel at the summer meeting of the Virginia Bar Association on the benefits and risks of social media. On the panel, we discussed the many ways that social media has influenced law and policy over the past few months and highlighted what businesses and their lawyers need to understand about privacy issues online in order to avoid litigation and regulatory enforcement.
One of the main reasons that companies face litigation and investigations in the social media area is that they haven’t fully evaluated the information that they are collecting through social media and how that information is (or could be) used. That is why the discussion on privacy today is coalescing around the concept of “privacy by design,” which Kashmir Hill at Forbes recently described as companies “bak[ing] privacy into their products” rather than considering privacy only reactively. (You can read more about privacy by design here.)