A few of my past posts have discussed the growing use of social media Web sites and why companies should consider joining the conversation. Whether that is through an existing social media Web site like Facebook or creating a social media Web site, this marketing technique provides a company with greater access to its customers including information about them. And more information about a company’s customers is a commodity all companies strive to have.

But with greater access to customer information comes great responsibility. Companies must be responsible with how this information is used and especially about how this information is protected. For example, the CAN-SPAM Act requires companies sending marketing e-mails to allow consumers to opt out of receiving future e-mails. Additionally, the Children’s Online Privacy Protection Act (“COPPA”) regulates the online collection and disclosure of personally identifiable information obtained from children under 13. Under COPPA, companies that operate Web sites that are directed or appealing to children that collect personal information online must first obtain verifiable parental consent to collect such information. 

A first step for companies using or creating social media Web sites is to have well drafted privacy policies that govern the collection and use of personal information. However, privacy policies may not entirely eliminate the legal risks of using or having social media Web sites. As companies engage with customers in this new media, they will need to keep in mind the legal risks that are involved and should take steps to limit their liability when possible.