We build websites, and some that accept user data and/or allow creation of accounts with personal information. What's the worst that could happen if you don't have a Privacy Policy on your website? I know that the site needs one.
Also, whats the worst a consumer or parent can do when he/she encounters a site (for adults or children) without a Privacy Policy, apart from complaining to some court or legal authority? Is there a central place for this in the US and other countries?
In the U.S.? Nothing. Sorta. A privacy policy is a good idea and helps trust organizations such as eTrust evaluate your site for trust. It also helps the site user. I always read the privacy policy when any account or PII (personally identifiable information) is taken.
The exception is where a site engages in marketing and serving to children 13 and under. There are legalities involved and a privacy policy is required. http://en.wikipedia.org/wiki/Children%27s_Online_Privacy_Protection_Act
If your site is clearly not for children, then it is just good business even for sites that do not have account registrations but do capture usage information, uses cookies, or uses a 3rd party tool that may do the same such as Google Analytics and Adsence.
If your site is purely informational and you do nothing else but evaluate site logs, then I would not worry about it unless you want a trust organization to give a better score.
The Wikipedia page on this is very good. http://en.wikipedia.org/wiki/Privacy_policy Here you will see as much information as there probably is with good links on the subject.
