Privacy and data protection appears to be the topic of the moment, with many new cases being reported on, and publicity surrounding data protection breaches. We have mentioned a number of these cases on our blog over the past few weeks.
The BBC reported last week on some complaints being made about the positioning of Google's privacy policy. Prompted by this, I wanted to see just how accessible Google have made their policy. I discovered that at the bottom of the i-Google home page there is a link to the policy; however, the page reached by clicking on that link is not actually the policy but a 'privacy notice', which then links to a 'privacy policy' with a further one or two clicks depending on the link selected.
The complaints about Google's site have been made in the US, and in the context of compliance with the Online Privacy Protection Act 2003 applicable in California. Not being a US lawyer, I am not going to comment on whether Google comply or not in this case. But I thought a brief mention of privacy policies, and why they are so important to include on websites, might be useful to readers.
Anyone who runs a website needs to be aware of the legal requirements surrounding the use of personal data, as these come into play not only where the site actually asks users to enter personal information about themselves. Even the use of cookies to track the online movements of users of the website, and other data obtained about traffic using the site, including location data and browsing activities, could amount to what's known as 'processing of personal data'. Under UK law, users of any website should be informed if their personal data is going to be 'processed', and how the information obtained about them will be used and stored. The best way of notifying users is by including an easily accessible privacy policy on your site, with clear and obvious links to it from your home page. The privacy groups in the US were complaining that Google had not got this right under US law.
Under UK law, website owners must also take care that what they do with the data is data protection compliant, and consent must be obtained from individuals before certain types of processing of personal data can be undertaken (for example, use for direct marketing by email, or disclosure to third parties). It is important to note that inclusion of a privacy policy is not of itself sufficient to ensure compliance with the Data Protection Act 1988.