Note to startups: Don’t publish your lawyer’s notes about the various ways you may or may not profit off of user data.
Video chat site Chatroulette seems to have just done just that with its privacy policy, publishing lawyer’s notes like …
“[Andrey, does Chatroulette intend to share the personally identifiable information of users with third party companies for them to send direct marketing or promotional materials to your users e.g. name, email address, postal address etc.? If not, please delete this Section 5.]”
And the precious …
“[Andrey: Do you have any reasonable security measures in place to protect any personal information you may collect e.g. SSL? If so, keep in the bracketed language but remove the brackets. If not, please delete the bracketed language as Chatroulette should not state that it has security procedures in place if this is not currently the case.]“
— right within the policy itself.
The “Andrey” being addressed here is presumably the site’s teenage founder Andrey Ternovskiy. [Note: I’ve been a huge fan of Chatroulette since I first reviewed it, but this was too good not to post. ]
I mean it’s standard procedure to get notes like this from your lawyer to review, but not so standard to publish them. Those who want to take a look at the suggested policy revisions can check them out here, but act fast, as they probably won’t be up for very long.
Click images for a larger version.