FTC Privacy Rules - What You Need to Know

Small businesses need to know what the Federal Trade Commission (FTC) is recommending in their report on consumer privacy about how customer personal information should be handled online and offline. 

Here are five points small businesses need to know about the FTC recommendations as U.S. data-privacy regulations evolve:

The report doesn't actually establish any rules. It does make recommendations to Congress for developing new consumer-privacy rules and offer best practices for businesses.

Some small businesses don’t need to worry. If you only collect “non-sensitive” consumer data and don’t share it with third parties, your business is exempt from the FTC guidelines. However, if you are collecting Social Security numbers and financial, health, children’s, and geo-location information, then take notice. Furthermore, if you collect any data from more than 5,000 customers each year, or if you share with third parties, following FTC best practices is recommended.

Common sense goes a long way. If you are practicing transparency and simplicity, you are doing well. Be upfront with customers about what information you collect and why. Keep privacy policies simple and easy to understand. Give customers a chance to opt out when applicable.

“Do Not Track” is coming. Web browsers such as Mozilla Firefox already have privacy tools that allow consumers the feature to limit data that is collected about them. The Digital Advertising Alliance has a tool for members, too.

Pay particular attention to mobile data. The FTC report says, “The unique features of the mobile phone which is highly personal, almost always on, and travels with the consumer have facilitated unprecedented levels of data collection.” As a result, expect more guidelines or regulatory requirements.

Be aware of what information is collected, what happens to it, and how the privacy policy is stated whether you are the business or consumer.