Nonprofits and Online Website Privacy

Most nonprofit organizations have websites.  The websites typically collect personal information about visitors, whether intentionally or unintentionally.  State, federal, and international laws govern the storage, handling, and transmission of personal information that is collected through websites.  How should nonprofit organizations responsibly handle this website data?  The laws are complex, but our two-part answer is straightforward: (1) adopt an online privacy policy for user disclosures and controls; and (2) follow the policy!

It’s All About the Information

Websites historically contained mostly static information.  However, technology evolves, and today, nonprofits rely on their websites to interact with stakeholders for important operational tasks, including soliciting and enrolling volunteers, acknowledging fundraiser registrations, accepting charitable donations, and collecting newsletter and email distribution list subscriptions.

In each of the above examples, website users provide what the law classifies as Personally Identifiable Information (“PII”), which correlates to and identifies a specific user of a nonprofit’s website.  Site users generally provide PII voluntarily – names, birthdates, email addresses, and credit card numbers for donations are common examples of voluntarily provided PII. 

A Nonprofit’s Guide to Copyright Law for Derivative Works

 The right to create separately owned derivative works is an important yet often misunderstood area of copyright law.   More specifically, issues of derivative work ownership and authorized usage may arise anytime a copyright owner permits someone else to modify a preexisting copyrighted work.  A common nonprofit example occurs when an organization authorizes an affiliate or joint-venture party to improve and adapt copyrighted program materials for use in specific situations, such as a curriculum, other educational materials, or advocacy information.  Issues also may arise when a nonprofit