Posted on 07/22/2021 at 09:33 AM by John Lande

The global pandemic forced organizations of all kinds and sizes to change the ways they interact with their employees, customers, and clients.

More than ever, organizations rely on information they receive through digital means, whether by email, websites, or other types of online data collection. This radical shift occurred so quickly that many organizations may not have spent time considering whether this requires a change to the terms and conditions of their online privacy policies and terms of use.

As organizations assess how the pandemic may permanently modify their business practices, it is important that they not forget to review and update their website privacy policy and terms of use. Often organizations collect a variety of data from individuals who visit their sites, including names, email addresses, and background information in the form of cookies deposited on the user’s device.

While collection of this type of non-sensitive personal information is usually not a problem, organizations can unknowingly create a problem if their information collection and sharing practices differ from what their online policies state. In order to prevent confusion and challenges, organizations should update and clarify their terms of use on their websites to make sure they are consistent not only with the organizations’ actual practices, but also data privacy laws that are rapidly proliferating across the United States and the world.

We have previously reviewed efforts in Iowa, for example, to enact California-style data privacy legislation. Organizations that operate in multiple states need to be aware of any applicable data privacy requirements in those jurisdictions as well.

The pandemic has and will continue to re-shape business practices. As we continue to adapt to this changed world, it is important to make sure that our policies and representations to potential business partners are consistent with this changed reality.


Shareholder Attorney John Lande is chair of Dickinson Law's Cybersecurity, Data Breach, & Privacy practice group. For more information on his practice, click here


Questions, Contact us today.

Contact Us


The material, whether written or oral (including videos) that is posted on the various blogs of Dickinson Bradshaw is not intended, nor should it be construed or relied upon, as legal advice. The opinions expressed in the various blog posting are those of the individual author, they may not reflect the opinions of the firm.  Your use of the Dickinson Bradshaw blog postings does NOT create an attorney-client relationship between you and Dickinson, Bradshaw, Fowler & Hagen, P.C. or any of its attorneys.  If specific legal information is needed, please retain and consult with an attorney of your own selection.

There are no comments yet.
Add Comment

* Indicates a required field