Law Firm Partner Resources

Privacy law compliance is a constantly evolving field of practice, with new bills being proposed, new guidance being issued, and new cases being decided seemingly every day. These constant changes can seem overwhelming. That is why we created this resources page for Termageddon Law Firm Partners, so that you can have access to the most important and relevant information that will aid you in your practice and in drafting policies for your clients. 

INDEX:
1. How to sell Privacy Policies to your clients
2. What to charge your clients for a policy drafting service when using Termageddon 
3. Special pricing for Law Firm Partners
4. How to set up a license for your client
5. Popular articles that can be shared with your clients
6. What’s happening in privacy? Privacy bill trackers, new cases and privacy news 
7. Get involved in privacy 
8. Recommended certifications
9. Best resources for privacy law practitioners 

1. How to sell Privacy Policies to your clients

As you know, privacy is becoming a big deal – new lawsuits are being filed for privacy law non-compliance, privacy laws are being enacted and enforced and consumers care about the privacy of their Personally Identifiable Information (PII) more than ever before. However, your clients may not know about all of these changes, may be stuck in the early 2000’s where there was very little regulation on consumer privacy online, or may be too overwhelmed about this privacy conversation to even ask you about it. The truth is that offering Privacy Policies to your clients is really no different than pointing your clients in the right direction in other compliance matters such as forming an LLC or a Corporation. It’s all about educating your clients on their obligations, the risks, and the consequences of ignoring those obligations and risks. 

While your conversation with your clients about policies will be influenced by your relationship, the client’s risk tolerance, what laws, rules and regulations apply to your client, and your experience, our Law Firm Partners have found success in discussing the following points with their clients: 

  1. Several privacy laws are already in place that require certain websites that collect PII to have a Privacy Policy. You can read more about what laws require websites to have a Privacy Policy in our article
  2.  Privacy laws start applying when PII is collected. This means that your client does not have to share or sell the PII for the laws to apply. To learn more about how certain privacy laws define PII, please read our article
  3. Websites often collect PII through contact forms, newsletter sign up forms, login or account creation forms, and analytics services. If you client’s website has one or more of these features, a Privacy Policy should be considered; 
  4. Privacy laws have been enacted to protect consumers, not businesses. Due to the nature of the Internet, the privacy laws of different states or even countries may apply to your client, even if they are not physically located in those states or countries; 
  5. Currently, more than twenty privacy bills have been proposed across the United States. Some of these bills, such as New York’s, would allow consumers to sue businesses of any size and location directly for not having a Privacy Policy. This means that your clients do not just need a Privacy POlicy that has all of the disclosures that the current laws require, but also a strategy to keep it up to date when the laws change or when new laws are enacted. To learn more about the proposed state privacy bills, check out our state bill tracker
  6. Fines for privacy law non-compliance can range from $2,500 per violation (per website visitor whose privacy rights your client infringed upon) to €20,000,000 or more in total. 
  7. Your client’s customers care about privacy, and your client may lose business if they do not take those concerns seriously. For example, according to a recent study, 93% of Americans would switch to a company that prioritizes privacy. 

You should consider speaking to your clients about the importance of Privacy Policies during the initial intake, when discussing the laws, rules and regulations that your client needs to comply with, or simply in a reminder email or call. 

2. What to charge your clients for a policy drafting service when using Termageddon 

Deciding what you charge your clients is a very personal matter – attorneys charge more or less depending on a variety of factors, including experience levels and the complexity of the matter. We encourage you to review the state’s rules of professional conduct where you are licensed and take the following factors into account when choosing how much to charge for policy drafting services: 

  1. The time and labor required, the novelty and difficulty of the questions involved, and the skill requisite to perform the legal service properly; 
  2. The likelihood, if apparent to the client, that the acceptance of the particular employment will preclude other employment by the lawyer; 
  3. The fee customarily charged in the locality for similar legal services; 
  4. The amount involved and the results obtained; 
  5. The time limitations imposed by the client or by the circumstances; 
  6. The nature and length of the professional relationship with the client; 
  7. The experience, reputation, and ability of the lawyer or lawyers performing the services; and 
  8. Whether the fee is fixed or contingent. 

Remember that Termageddon is a tool that aids you in creating the initial draft of the policy. Our goal is to save you valuable time, but you will still need to review the policy and ensure that it is fit for your client. Because the Termageddon license fee is recurring (since we monitor privacy laws for you), most of our Law Firm Partners will add a couple years’ of the license fee to the quote that they provide to their clients. Other Law Firm Partners charge their clients a recurring fee to keep their policies up to date. 

In our experience, we have seen attorneys charge anywhere from $500 to $2,000 per policy if they are charging a flat rate. 

When existing laws change or new laws are passed, we will notify you of the changes that need to be made. You will then have to review the changes and ensure that your client is aware of the update. When changes occur, we recommend that you charge your client for the time that it takes you to review the update. 

3. Special pricing for Law Firm Partners

As our President is a privacy attorney who was in private practice for a few years, we have competitive pricing offers for our Law Firm Partners. If you would like to purchase licenses one at a time, you can do so right from your dashboard at $99 per year for one license. To purchase licenses one at a time, follow these steps: 

  1. Login to your dashboard
  2. Purchase a license by clicking “Hello (your name)” → Account Settings → Payment Information → Update. 

We also offer bulk discounts for those wanting to protect multiple clients with policies. As our thank you for joining us as a Law Firm Partner, we are offering a package of 20 licenses for $499 per year. Please note that this package will renew at the same rate each year. To purchase a package, please contact us at Hans@termageddon.com

Please note that one license includes all of the policies needed to protect one client’s website or application. One license includes a Privacy Policy, Terms of Service, Disclaimer, and an End User License Agreement.  

4. How to set up a license for your client

So you’ve had your first client say “yes” and you would like to set up their policies using Termageddon? Here are the steps that you need to follow to set up their license and policies: 

  1. Login to your dashboard
  2. Purchase a license by clicking “Hello (your name)” → Account Settings → Payment Information → Update. You also have access to bulk discounts which you can view on our Special Pricing for Law Firm Partners Page. One license protects one client’s website or application and includes a Privacy Policy, Terms of Service, Disclaimer, and End User License Agreement; 
  3. After making your purchase, click “Dashboard”; 
  4. Click “add license” and name it. We recommend that you name the license with  your client’s website URL or application name; 
  5. Click “continue setup”; 
  6. Answer the global install questions and click “submit”; 
  7. Click the gray “add policy” box and choose the policy that you would like to create; 
  8. Answer all of the questions on each page and click “next” until you reach the final page. Once you answer all of the questions, click “submit”; 
  9. To view the text of the policy, click “view policy”; 
  10. To edit any of the text of the policy, click “override policy” and “edit section” on the section(s) that you would like to edit; 
  11. Once you are satisfied with the policy, click “view embed code”. The embed code should be placed on your client’s website or application policy page (e.g. Privacy Policy page) and it will allow you to remotely make updates to your client’s website or application in the future without having to involve IT. Copy and paste this embed code into an email to your client or whoever is responsible for your client’s website or application, requesting them to put the embed code onto the respective policy page. Once the embed code is inserted, the policy will display on that page; 
  12. To add additional policies, click “policies” on the left hand side, and then “add policy” and follow the steps 7 through 11. 

5. Popular articles that can be shared with your clients 

Sometimes clients just want to read about a particular issue themselves to gain a better understanding of your recommendations. You may find the following articles and resources helpful in educating your clients about the importance of policies: 

  1. Why you need a Privacy Policy if you are using a contact form – link to article
  2. Does my website need a Privacy Policy? – link to article
  3. A guide to getting a Privacy Policy for your website – link to article
  4. State laws relating to Internet privacy – link to article
  5. Guide to privacy laws in the United States – link to article
  6. A list of proposed state privacy bills – link to article
  7. A tracker of all fines issued under the European Union’s privacy law, the General Data Protection Regulation – link to tracker

6. What’s happening in privacy? Privacy bill trackers, new cases and privacy news 

The field of privacy is so exciting because there is no shortage of new developments. It seems like every day, there are new bills being proposed, new laws being enacted, guidance being issued, or cases being decided. Don’t worry though, we are here to help you keep up with the latest developments. 

  1. Our state privacy bill tracker shows you the current proposed privacy bills in the U.S. on a state by state level; 
  2. Our federal privacy bill tracker shows you the current proposed privacy bills in the U.S. on a federal level; 
  3. Our blog discusses the most recent cases, guidance, practical tips, and interpretations; 
  4. Our newsletter specifically for Law Firm Partners discusses the latest new privacy cases and news. You can subscribe to our newsletter here. 

7. Get involved in privacy 

Privacy is a field where the demand for professionals and resources outpaces supplies. It is also a field full of people who truly appreciate the help and, if you have the time and the interest, volunteering in this field will be truly rewarding. If you’re looking to get involved, the following groups are often looking for volunteers knowledgeable in the field of privacy: 

  1. American Bar Association’s Science and Technology Law Section – ePrivacy Committee
  2. International Association of Privacy Professionals – open volunteer opportunities
  3. Electronic Frontier Foundation – open volunteer positions

8. Recommended certifications 

Even with the proliferation of the privacy field, not many law schools offer courses in privacy. As such, privacy law practitioners find immense value in obtaining certain certifications, both from an educational standpoint and a job prospects standpoint. The following is a list of our favorite privacy-related certifications that we encourage you to consider: 

  1. Certified Information Privacy Professional (CIPP): this certification is provided by the International Association of Privacy Professionals (IAPP), which is the largest community of privacy enthusiasts in the world. The CIPP is for those who want to demonstrate their mastery of jurisdictional laws, regulations, and enforcement models, plus legal requirements for handling and transferring data. Different concentrations are available, such as Asia, Canada, Europe, and United States privacy regimes. 
  2. Certified Information Privacy Manager (CIPM): also provided by the IAPP, the CIPM is created for professionals who manage day-to-day operations. With the CIPM, you will learn how to make data privacy regulations work for your organization by understanding how to implement them in day-to-day operations. You will also learn how to create a company vision, structure a data protection team, develop and implement system frameworks, communicate to stakeholders, measure performance and more. 
  3. Certified in Healthcare Privacy and Security (CHPS): this certification is provided by the American Health Information Management Association (AHIMA) and will help you achieve recognition of your expertise in designing, implementing, and administering privacy and security protection programs in healthcare organizations. 
  4. Certified in Data Protection (CDP): this certification is provided by the Identity Management Institute and is a comprehensive global training and certification program that leverages international security standards and privacy laws to teach candidates about best data protection practices during the entire data lifecycle, whether data is at rest, in transit, or being processed. 
  5. PACC Professional Certification: this certification is provided by the Privacy & Access Council of Canada and signifies to employers, clients, colleagues, and the public that the holder possesses demonstrable experience, skill, and education necessary to navigate the unique challenges of information privacy, access to information, and data protection. 
  6. GDPR-Certified Data Protection Officer: this certification is provided by the PECB and enables practitioners to acquire the necessary knowledge and skills, and develop the competence to perform the Data Protection Officer role in a GDPR compliance program implementation. 

9. Best resources for privacy law practitioners

The Internet is a vast place and, if you are looking for an answer to a specific privacy question, it is easy to get disoriented in the variety of the (sometimes correct) answers available. If you are a privacy professional looking for answers to questions, opportunities to learn and opportunities to network, we recommend the following resources: 

  1. American Bar Association’s Science and Technology Law Section – ePrivacy Committee: a great place to connect with fellow privacy law practitioners, receive a monthly newsletter with the most important privacy news and developments, gain access to job opportunities, and participate in educational and networking events. Our President, Donata Kalnenaite, is the Vice Chair of this Committee, so if you are unsure as to whether you’d like to join, please contact her at Donata@termageddon.com
  2. International Association of Privacy Professionals (IAPP): the world’s largest information privacy organization, the IAPP has it all. From the latest news, to guides and white papers on the most pressing privacy issues, to educational programming from leading privacy experts, to job opportunities, if you are looking for anything privacy-related, you will find it at the IAPP. Our President, Donata Kalnenaite is the Chair of the Chicago Chapter, so if you are unsure as to whether you’d like to join, please contact her at Donata@termageddon.com
  3. National Conference of State Legislatures: this website lists all of the existing state law related to Internet privacy. 
  4. DLA Piper data protection laws across the world: a map that allows you to compare different privacy laws. 
  5. Privacy matters podcast with Nicole Stephensen: learn more about the protection of personal data in the context of Internet of Things technologies. 
  6. European Data Protection Supervisor’s website: learn about the latest GDPR guidance, cases, and news right from the European Union’s independent data protection authority. 
  7. Information Commissioner’s Office’s website: learn about the latest developments and gain access to invaluable guidance from the United Kingdom’s independent data protection authority. 
  8. Federal Trade Commission’s privacy and security guidance: learn more about topics such as children’s privacy, data security, the Privacy Shield framework and the latest privacy law enforcement cases brought by the FTC. 
  9. Electronic Frontier Foundation: learn more about the latest issues and privacy infringements.