It's Early in Web Years Redux
In short, It's Still Early in Web Years.
Authorize.net goes down. That is a serious outage, but non-SaaS enterprise apps experience similar outages, and to one degree or another, these things are to be expected.
Sure, everybody should be concerned with availability (and “scalability”) when they select a SaaS vendor. I reduce risk by only playing with the “big boys,” but they have gone down from time to time as well.
The question is not whether there will be some downtime, but whether a company, especially a small to mid-size company, is in a better position than a trusted SaaS vendor to manage the app in question.
The Red Flags Rule applies to “financial institutions” and “creditors.” The Rule requires you to conduct a periodic risk assessment to determine if you have “covered accounts.” You need to implement a written program only if you have covered accounts.
It’s important to look closely at how the Rule defines “financial institution” and “creditor” because the terms apply to groups that might not typically use those words to describe themselves. For example, many non-profit groups and government agencies are “creditors” under the Rule. The determination of whether your business or organization is covered by the Red Flags Rule isn’t based on your industry or sector, but rather on whether your activities fall within the relevant definitions.
There are at least some eCommerce sites that would qualify as "creditors" but most, like almost all non-profits, do not think of themselves as such. For more information and guidance regarding the Rule, click here. If you are still confused, then you are best advised to contact a Privacy & Data Security Lawyer.
FTC Tells Sears That Consumer Disclosures Must be More Conspicuous: Privacy Law Blog. Here's yet another indication of how the rules of the road may be changing with respect to privacy & security. Companies that want to collect the kind of "behavioral data" that Sears was allegedly collecting need to be much more aggressive in their privacy policy disclosures.
Simply taking the passive approach of burying disclosures in a privacy policy that nobody reads may not cut it anymore.
As a Privacy Attorney I obviously track these issues on a daily basis. But even the most casual Internet observer knows that privacy & data security are front page news. Look for the FTC to start sending a strong message to the online marketplace.
This is not your father's Internet.
As an Internet Lawyer I get asked this question often. Think of a website audit as a kind of insurance policy. An audit helps protect you from the downside risk of doing business online. You have likely spent a great deal of time and money launching your site. Increasingly, a website is "mission critical" and for many online businesses the site is the mission. An audit is an incremental expenditure to ensure that all the appropriate legal bases have been covered. For additional information read our article Why Audit Your Website?






