5

During sign-up, the user must agree to the terms and conditions and privacy policy.

Is it sufficient to state: "by registering, you agree to our terms of service and privacy policy" (where the words "terms of service" and "privacy policy" are hyperlinked to their respective documents, and where the blurb is placed directly above the "Sign Up" submit button)

Or, does there need to be a check box so that the user must explicitly click it to indicate agreement?

I see both of these scenarios all over the web. I would prefer not to have the user click something e.g. to reduce friction at sign-up time.

GWR
  • 282
  • 2
  • 9

1 Answers1

2

@Marco Aurélio Deleu and @mostlyinformed left comments which form the essence of this answer.

I am posting an answer as I have revisited this subject with all of the GDPR stuff going on lately.

Bottom line is that the answer is highly dependent on jurisdiction.

With GDPR, I understand that you can't rely on technological methods of geo-locating someone (e.g. GDPR applies to citizens of the EU, regardless of where they are) so we see many companies applying the most cautious / most strict approach globally (which is probably good in general). Under GDPR, Browse-wrap agreements (e.g. by using... you agree) are no longer sufficient and I expect other nations will "catch up" with the EU and implement similar laws eventually.

At this point I think the most common legally compliant methods seen now are sites showing a banner at the top or bottom saying something like "our terms are updated" along with a button to click indicating agreement (and a "x" to close it without agreement).

p.s. I encourage anyone with legal experience to correct any points I have made which are not correct.

GWR
  • 282
  • 2
  • 9