Privacy
Privacy Laws Agreement

In this Internet age, privacy issues are at the forefront of people's minds. Laws are being developed to respond to abuses such as identity theft, selling financial information to outsiders, sharing information with subsidiaries and partners, and using information for mass marketing.

Form to use: Non-Disclosure Agreement

Existing privacy laws: According to the publication Compilation of State and Federal Privacy Laws there are 700 state and federal privacy laws, in the following areas:

  • Arrest and Conviction Records
  • Bank and Financial Records
  • Cable Television
  • Computer Crime
  • Credit Reporting and Investigations (including ‘Credit Repair,'‘Credit Clinics,' Check-Cashing, and Credit Cards)
  • Criminal Justice Information Systems
  • Electronic Surveillance (including Wiretapping, Telephone Monitoring, and Video Cameras)
  • Employment Records
  • Government Information on Individuals
  • Identity Theft
  • Insurance Records (including use of Genetic Information)
  • Library Records
  • Mailing Lists (including Video Rentals and 'Spam')
  • Medical Records (including HIV Testing)
  • Miscellaneous (including Non-Electronic Visual Surveillance and Breast-Feeding)
  • Polygraphing in Employment (including Honesty Tests)
  • Privacy Statutes/State Constitutions (including the Right to Publicity)
  • Privileged Communications
  • Social Security Numbers
  • Student Records
  • Tax Records
  • Telephone Services (including Telephone Solicitation and Caller ID)
  • Testing in Employment (including Urinalysis, Genetic, and Blood Tests)

If your business involves any of these areas, we suggest that you consult with an attorney or purchase this guide. For information, visit http://www.privacyjournal.net/works.htm. This guide may also be available at your county law library.

Protect customer and employee privacy: Businesses are beginning to be held responsible for identity theft of customer and employee information. It is critical that you take three steps:

  1. Make sure that your customers' and employees' private information is stored and secure. Do not leave credit card, social security numbers, addresses, or other IDs available for anyone to view (employee, customer or bystander).
  2. When you are done with the information, shred it.
  3. When you discard or donate your computer, delete all information first (reformat the computer so everything is wiped clean)

Non-disclosure statement: Many small businesses use non-disclosure statements to protect their ideas and products. We have included a sample non-disclosure statement in this kit.

Do Not Call Registry

Federal and state governments have set up do-not-call registries, which allow consumers to remove their telephone number from a telemarketer's list. This applies to phone solicitation only. There are exceptions to the laws, but if a company violates the law in, the fine per call can be up to $11,000.

Who is exempt? Charities, political groups and companies which have an established relationship with a consumer. Businesses are allowed to call:

  • Anyone who is not on the do-not-call registry
  • Any customer for 18 months after the date of their last purchase, payment or delivery
  • Any person who has made an inquiry or submitted an application during the past three months
  • If you are a business owner calling and you are calling within 50 miles of your home (i.e. no paid solicitors)
  • Business to business solicitations, except if you are selling non-durable cleaning or office supplies (anything that can be used and requires replacing)

Calling across state lines? If you are calling across state lines and the person asks you not to call, you must honor that request, even if you have an established business relationship.

How consumers register their number to prevent solicitation: Consumers can register online at http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt107.shtm or call (888)382-1222.

How the system works If you are going to telemarket to individuals, you must register for access to the Do-Not-Call list. Registration and access is free for 1 to 5 area codes. After that, there is an annual $45 per area code fee, with a maximum $15,400 for the entire U.S. To register, go to https://telemarketing.donotcall.gov. You will be asked to set up a profile that includes the area codes that you want to solicit. You will be issued a "SAN" number which will allow you access to the phone numbers registered for those area codes. Remember, the numbers you receive are the phone numbers that you cannot call unless you meet the exemptions above.

At least once every 30 days, you need to go back to that website to download an updated version.

Questions? This information is an overview. Please visit the sites below for complete information because you may be subject to recordkeeping requirements. You must comply with federal requirements if you call across state lines and state requirements if the calls are within a state. Information for businesses is available at Click here to go to the FTC's website.

Information for consumers is available at http://www.ftc.gov/bcp/edu/microsites/donotcall/index.html.