A Privacy Standard is a set of rules that regulate how companies collect and use the personal information of their customers.
They may be legally mandated by federal or state law or voluntarily adopted by companies. If a company does not comply with a privacy standard, it could face legal liability for violating the law or breaching its contract with customers or other stakeholders.
The Two Main Types of Privacy Standards
Privacy Law: A law established by a government to regulate the collection and use of personal information by businesses. This law is typically enforced by a government agency or commission, such as the Federal Trade Commission in the United States or the Data Protection Authority in the European Union.
Privacy Policy: A written agreement between a business and its customers describing how that business will use their personal information. A privacy policy can be part of an organization's terms and conditions or it can be separate from them (although it's best to include your privacy policy with your terms).
The most common example of a violation of privacy is the unauthorized disclosure of private information. In other cases, such as video surveillance in public places, there may be no expectation of privacy, to begin with. In many countries, there are laws that mandate the protection of personal information under certain circumstances. The details vary by jurisdiction and industry sector.