CIPA & Privacy Violation Lawsuits: Is Your Small Business Safe?
Being a small business owner means constantly learning and adapting to help your business succeed. Unfortunately, in today's world, obstacles to small business success can come in many forms. Over the past few years, small business owners around the country have received letters of demand about concerns that their website is not compliant with CIPA. Businesses found violating CIPA can receive significant fines until they make necessary changes to their website (which means incurring additional web design costs).
So, what is CIPA, and how can small businesses safeguard their websites?
What is CIPA?
CIPA is the
California Invasion of Privacy Act. Originally adopted to address phone tracking software, the law is now regularly interpreted to apply to websites. Californian consumers can sue businesses directly if they feel a website has violated their privacy, where they can obtain damages of up to $5,000 per violation.
A website's "violation of privacy" typically results from tracking technologies that are used without the consumer's consent. Tracking tools such as Meta Pixel, Hotjar, chatbots, cookies, and session replay software are central to many CIPA violation cases.
It's essential to note that CIPA can apply to businesses formed outside of California. The California piece of the law refers to consumers who are California residents; because they can access and interact with any website, regardless of the state the business is in, they must comply.
Although small businesses are the common target for these violations, businesses of any size can receive fines for violations of CIPA.
How Has the Law Evolved?
Laws surrounding technology can get messy as the medium continually evolves (and litigation rushes to keep up). CIPA went into effect in 1994 with the original intention of protecting California residents from eavesdropping on private communication over landline phones. As cell phones exploded, the law received an update to keep cell phone conversations safe.
Next, the law moved on to help California residents against recording video calls online without consent (think platforms like Zoom, Skype, or Hubspot). California residents and law firms today interpret the law to include website tracking devices that monitor user activity.
How Can Small Businesses Protect Themselves?
What can the average small business owner do to avoid CIPA violation fines in these situations? The first step is to audit your website. If you are using cookies, ensure a pop-up appears immediately when a user opens the website. They can either accept or deny the use of any tracking devices.
An important note is that most "cookie consent banners" only cover tracking technologies on the website, not call recording if a prospect calls your business number.
Does your website have a chatbot? Chatbots can get tricky with privacy law, so ask for consent before the user starts the chat. Chatbots can be extremely handy for specific websites but can also bog others down. If you don't see many website visitors using the chatbot, discuss with your team if it's worth keeping on the site. The potential security risks and malfunctions may overshadow a chatbot's user experience.
Additional Digital Privacy Concerns
CIPA is only one instance where consumers can report privacy violations on the internet. Consumers are wary of recorded phone calls, companies selling their data, and apps tracking their activity across other apps.
Every technology we use has layers that the average user may not consider. Small business owners choose which systems, applications, and products to build their business online. Make sure you do your resource and ask the questions you need to ensure the safety of your customers and employees.
Working With Experts
Most small business owners would rather focus on their business than cybersecurity and privacy law. That's where trusted advisors and experts come in. An excellent option for small business owners is
Termageddon. Their site has tips on avoiding CIPA violations and other mishaps, and they provide privacy and cookie consent software to keep you and your site compliant and safe from lawsuits.
Small business owners should consider finding privacy lawyers or experts in their area and connecting. Hopefully, your website and digital presence will never violate a customer's privacy, and you will not have to deal with any privacy disputes. That said, if you do, knowing experts in your area and industry who you can call on to help when you need it is a game changer.
Work With Cole-Dalton Marketing Services
Our Cole-Dalton Marketing Services team aims to help small businesses succeed. We focus on marketing so you can focus on your small business's heart.
Check out our capabilities and marketing systems
here, and let's
get in touch to take your business to the next level!
