Chegg 2015 Annual Report Download - page 65

Download and view the complete annual report

Please find page 65 of the 2015 Chegg annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 139

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139

Table of Contents
26
platform. Other businesses have been criticized by privacy groups and governmental bodies for attempts to link personal
identities and other information to data collected on the Internet regarding users’ browsing and other habits. There are numerous
federal, state and local laws regarding privacy and the collection, storing, sharing, using, processing, disclosing and protecting
of personal information and other user data, the scope of which are changing, subject to differing interpretations, and which
may be costly to comply with and may be inconsistent between countries and jurisdictions or conflict with other rules.
We currently face certain legal obligations regarding the manner in which we treat such information. Increased
regulation of data utilization practices, including self-regulation or findings under existing laws, or new regulations restricting
the collection, use and sharing of information from minors under the age of 18, that limit our ability to use collected data could
have an adverse effect on our business. In addition, if unauthorized access to our students’ data were to occur or if we were to
disclose data about our student users in a manner that was objectionable to them, our business reputation and brand could be
adversely affected, and we could face legal claims that could impact our operating results. Our reputation and brand and
relationships with students would be harmed if our billing data were accessed by unauthorized persons.
We strive to comply with all applicable laws, policies, legal obligations and industry codes of conduct relating to
privacy and data protection. However, U.S. federal, U.S. state and international laws and regulations regarding privacy and data
protection are rapidly evolving and may be inconsistent and we could be deemed out of compliance as such laws and their
interpretation change. In addition, foreign privacy, data protection, and other laws and regulations, particularly in Europe, are
often more restrictive than those in the United States. The costs of compliance with, and other burdens imposed by, such laws
and regulations that are applicable to our business operations may limit the use and adoption of our services and reduce overall
demand for them. Furthermore, foreign court judgments or regulatory actions could impact our ability to transfer, process and/
or receive transnational data, including data relating to students or partners outside the United States. Such judgments or actions
could affect the manner in which we provide our services or adversely affect our financial results if foreign students and
partners are not able to lawfully transfer data to us. For example, the European Court of Justice recently invalidated the U.S.-
EU Safe Harbor framework that had been in place since 2000, which allowed companies to meet certain European legal
requirements for the transfer of personal data from the European Economic Area to the United States. While other adequate
legal mechanisms to lawfully transfer such data remain, the invalidation of the U.S.-EU Safe Harbor framework may result in
different European data protection regulators applying differing standards for the transfer of personal data, which could result in
increased regulation, cost of compliance and limitations on data transfer for us and our customers. In addition, some countries
are considering or have passed legislation implementing data protection requirements or requiring local storage and processing
of data or similar requirements that could increase the cost and complexity of delivering our services.
Any failure or perceived failure by us to comply with our privacy policies, our privacy or data-protection obligations
to students or other third parties, our privacy or data-protection legal obligations or any compromise of security that results in
the unauthorized release or transfer of sensitive information, which may include personally identifiable information or other
data, may result in governmental enforcement actions, litigation or public statements against us by consumer advocacy groups
or others and could cause students to lose trust in us, which could have an adverse effect on our business. Additionally, if third
parties we work with, such as colleges and brands, violate applicable laws or our policies, such violations may also put our
student users’ information at risk and could in turn have an adverse effect on our business.
Public scrutiny of Internet privacy issues may result in increased regulation and different industry standards, which could
deter or prevent us from providing our current products and services to students, thereby harming our business.
The regulatory framework for privacy issues worldwide is currently in flux and is likely to remain so for the
foreseeable future. Practices regarding the collection, use, storage, display, processing, transmission and security of personal
information by companies offering online services have recently come under increased public scrutiny. The U.S. government,
including the White House, the FTC and the U.S. Department of Commerce, are reviewing the need for greater regulation of the
collection and use of information concerning consumer behavior with respect to online services, including regulation aimed at
restricting certain targeted advertising practices. The FTC in particular has approved consent decrees resolving complaints and
their resulting investigations into the privacy and security practices of a number of online, social media companies. Similar
actions may also impact us directly, particularly because high school students who use our College Admissions, College
Counseling and Scholarship Services are typically under the age of 18, which subjects our business to laws covering the
protection of minors. For example, various U.S. and international laws restrict the distribution of materials considered harmful
to children and impose additional restrictions on the ability of online services to collect information from minors. The FTC has
also revised the rules under the Children’s Online Privacy Protection Act effective July 1, 2013. Although our services are not
directed to children under 13, the FTC could decide that our site now or in the future has taken inadequate precautions to
prevent children under 13 from accessing our site and providing us information.