Regardless of the law, 90% of legal and privacy-related issues can be solved using the following construct:

If I couldn’t explain this to my grandmother, then I probably shouldn’t be doing it.

I’m at a legal and privacy panel at SxSW and we are discussing what companies could do to ensure we can customize the end-user experience while avoiding PII (Personally Identifiable Information) issues.

Interesting panel which prompted me to download the Ghostery add-in for Safari.

The key takeaways are:

• Consider the relationship dependent environment in which you are interacting with the end-user.
• Don’t collect everything you can. If you don’t have a business need to collect the data or if it doesn’t generate a lot of value, don’t bother.
• Consider the fact that the class action environment is asymmetrical. (That means if you have an issue, it’s cheap for a class action lawsuit to a have a very large negative impact on your business.)
• Build privacy into your model. The best companies will build in the above in how they operate.  This helps mitigate (but will not eliminate) the amount of trouble you can get in.

Privacy regulations, in whatever form they take, will not be the end of the advertising industry or stifle innovation for new web and mobile services.  If you’re thinking of the issues above as you build your business, you can avoid major problems.  Handling PII sloppily will cost you your business.