Since the early days of the internet, when federal regulators expressed concern that consumers did not understand what data was being collected about them online and how it was being used, companies have been drafting privacy policies.
The guiding principle for these privacy policies has always been the Federal Trade Commission’s (FTC) prohibition on “unfair or deceptive acts or practices.” That meant drafting a policy that was thorough and comprehensive, yet clear and easy for a consumer to digest. An early California law and behavioral advertising self-regulatory principles required certain specific disclosures, but overall, the FTC standard was vague enough to give publishers flexibility in how they structured their disclosures.