Note to startups: Don’t publish your lawyers notes about the various ways you might exploit user data for profit.
Video site Chatroulette has just done just that, publishing lawyers notes like “[Andrey, does Chatroulette intend to share the personally identifiable information of users with third party companies for them to send direct marketing or promotional materials to your users e.g. name, email address, postal address etc.? If not, please delete this Section 5.]“ and the precious “[Andrey: Do you have any reasonable security measures in place to protect any personal information you may collect e.g. SSL? If so, keep in the bracketed language but remove the brackets. If not, please delete the bracketed language as Chatroulette should not state that it has security procedures in place if this is not currently the case.]“ right within the policy itself.
It’s standard procedure to get stuff like this from your lawyer to review, but not so standard to publish it. Those who want to take a look at the policy revisions can check them out here, but act fast, as they probably won’t be up for very long.