Web Site Publication Privacy and Safety Guidelines

This resources was written by former Associate Conference Minister the Rev. Eric S. Anderson

PDFDownload the PDF version

The first questions when creating a church web site are the four "W's" of the World Wide Web (well, one of them is an "H"):

  • Why: The purpose of the site,
  • What: The content of the site,
  • Who: The designer(s) and maintainer(s) of the site, and
  • (W)How: The technical requirements of the site.

In the content section, however, along with such questions as "Do we want to post the text of our pastor's sermons?" or "Do we want to webcast the worship service?" there are questions of member, staff, and guest privacy and safety. The web can be a marvelous source of information to be used for beneficent purposes. That same information can also be used in ways that are inappropriate or detrimental to the church, its members, and friends.

Each church web site needs, therefore, to establish policies and guidelines for the information it chooses to publish: both about people that share its life and about its activities and concerns. Church members should feel that information about them cannot be mined from the church web site for inappropriate purposes. Web site visitors should also find that inappropriate material is not displayed.

Supporting the ministry of your church

The first principle of a congregation's web site is that it should support the ministry of the church. Material that opposes that mission does not belong. Material that fails to support the mission should be carefully evaluated before it becomes part of the site. If a member is a poet, for example, and wants to publish their work on the web, it is perfectly reasonable to ask if the material forwards the work of the church.

No violation of copyright or trademark

Copyright and trademark laws exist to protect the ability of authors, artists, and institutions to earn a living from their work. In general, this rule holds:

  • If you wrote it, you can make the decision to publish it.
  • If somebody else wrote it, get permission first.

The second rule can get complicated. Companies may own the work of their employees, so having the author's permission may not be the same as having the copyright holder's permission. Beware as well of work that should be old enough to be in the "public domain" and therefore free to use. The Bible's text, for instance, is more than old enough to be in the public domain. The translations, however, may be far more recent work. The Division of Christian Education of the National Council of Churches of Christ in the United States of American holds the copyright for the New Revised Standard Version of the Bible. The NCCUSA gives permission in advance for quotations of 500 verses or less if properly credited -- they specify what "properly" is, of course.

No responsibility for operation of events not affiliated with church

The web site should specifically disclaim operational responsibility for events listed on the site which the church does not actually administer.

General Advertising

It may seem obvious that a church will not accept money in exchange for placing an advertisement on its web site, but it may not be so obvious. A number of churches have been surprised when the "free" web services they used began placing advertising on their pages. Then there are the famous links to books carried by Amazon.com. If a reading group lists its next book with links to it at Amazon, is that advertising? What if the church uses the Amazon Associates program, which allows a web site developer to put in a special link to an item which pays a percentage on the sale, so that the church receives a little money for each member that buys the book?

External hyperlinks policies

The web practice of external hyperlinks is a foundation of the World Wide Web. An important purpose was to allow scholars to create "live" footnotes: a hyperlink allowed a reader to view a document to which the current one referred. Part of the evolution of the web included the common inclusion of a "Links" page, which is the descendant of the academic bibliography.

The result is that most web sites contain links to content on other web sites -- content over which the first site's authors have no control, and yet for which they may be held accountable by their visitors. They may even be called to task for content on a site linked from a site linked from their site!

Short of developing a search algorithm that follows all potential links from a church's site and scans those pages for objectionable content, the best a web worker can do is verify that hyperlinked sites have purposes that are consistent with the church's mission. Sadly, an initial check may not be sufficient. Web sites come and go; organizations change their addresses, or lose their domain name. Periodic checking for the accuracy of links and to see if the content of the target site has changed is a sound if time-consuming practice for a church webmaster.

In a church, it is particularly important to see that hyperlinked site content is appropriate for children.

It may also be useful to include a disclaimer with links pages noting that the church has no control over the content of linked material, and asking for notification if links are out of date or have surprising results.

One church's policy states that links to other sites will open in a new window to make it clear that the content is someone else's. There are services available to local web developers, however, whose usage terms require it to open in the same window. MapQuest, for example, used to specify that links from a web site to their maps or directions stay in the same window. They have since modified this policy, but other providers may ask something similar.

Public privacy statement

Many web sites today collect information about visitors through forms. It's a sound idea to describe specifically the uses which the church will make of that information -- or the uses to which it won't be put.


The church intends that its web site will represent itself to the world (and to its own members, of course). The question of authority is, what people will interpret what the church is and describe it on the web site? And with whom can they confer to verify that their interpretation is correct?

A policy statement that deals with authority over the church's web site specifies a position (staff or volunteer as appropriate) with day-to-day responsibility for editing the site consistent with the church's policies. It further specifies the person(s) or group(s) to whom that position's holder reports. Those are the people who can help the site editor answer the inevitable "What do we do in this situation?" questions -- and they are the people who can require correction of any errors that person made.

Reporting of illegal activity

One church's policy manual states that any illegal activity appearing on the web site, or submitted via e-mail, will be reported to the civil authorities.

Safety of downloadable materials

Most of the content of a church web site is likely to be safe to download to a guest's computer -- which is, in fact, what happens when someone visits a web site. Site files can, however, be infected with viruses; a well-meaning webmaster may also post a "trojan horse" program that purports to do one thing while actually doing something else. Most web hosting providers routinely scan their servers for harmful code and remove it, but it is also important for the local web editor to search for and eliminate malware before copying it to the server in the first place.

It is also vital that web designers test dynamic page generation code before making it widely available. While many scripts do need to be tested on a web server, they should not be added to the public site until the bugs have been removed. Scripters can work on a test server if they have one, or in an unlinked directory of their main site.

Error policies

What happens when the site editors make a mistake? Is there a difference between a trivial error, like a "typo" of the church address, and a policy violation such as a banner advertisement for the latest kitchen gadget? Of course there is; error policies and procedures help the church decide what is minor and what is serious, and what to do in those cases.

Church Members' Privacy

Member privacy is a common concern for churches building web sites. Some considerations in developing a policy should include the ready availability of member information elsewhere on the World Wide Web.

A first name, last name, city, and state entered into Google brings up a "phone book" listing that includes address and telephone number -- plus links which generate a map to that location. Since many, if not most, members of a church live in the same community, the publication of a person's name alone gives access to this contact information.

This is, of course, exactly the same information that is available in printed telephone directories.

The question with adults is not whether it is legal to provide the information, but whether providing it is consistent with the church's relationship with them. Some members may be happy to have information about them published on the Internet, but others may not. As with copyright questions, the guideline is simple: ask.

Some church policies are more restrictive about the use even of identifying information: in other words, names. One church flatly bans the publication of an individual's last name without permission.

Typically, policies provide for a mechanism such as a release form that allows members to authorize publication of information that would not otherwise be displayed.

Church Staff, Officers, and other leaders

While a church may want to limit identification of members, it may want to consider different rules for information about church staff and other leaders. A congregational web site that fails to identify the pastor looks rather odd. Potential visitors or callers may find it more welcoming to know the name of the person who will answer when they telephone.

The names of the officers of a church which is incorporated are a matter of public record -- which is not the same thing as an obligation to post them on the church's web site. The same questions around staff names, however, also apply to board chairs and other church leaders: will making these names or other contact information available to web site visitors enhance their experience of the congregation?

Releases from staff and leaders should be obtained, and should be specific about the information that can be displayed. A pastor who is willing to put a home telephone number on the church answering machine may feel differently about listing it on a web site. It is also possible to make such a release a condition of employment or of holding an office; this, too, should be specific.

Publication of email addresses

Email addresses are a special case. Web site code makes it very easy for a site visitor to click an address and send an email to a local church pastor or board chair -- but the same code makes it trivial for unscrupulous advertisers to find that address and add it to their databases. Shortly thereafter, the flood of "spam" begins. This is a good reason for a policy to never publish email addresses at all.

Such a policy without an alternative, however, is flatly impractical. Email has become such an important means of communication that a church website which doesn't allow a visitor to write to the church feels very unwelcoming indeed.

One approach is to make sure that staff have email accounts that belong to the church, and publish those, not their personal addresses. More and more web hosting accounts include multiple mailboxes, so that volunteer leaders could be given their own address as well. This doesn't reduce the vulnerability to having the email address harvested by spammers, but it does separate the vulnerable address from personal communications. Many ISPs offer spam filtering at the server level as well that can reduce the volume. If the ISP doesn't, the church should install filtering software on its office PCs.

Another approach is to use web site forms that generate email rather than using the standard "mailto" hyperlink. Some form scripts -- though not all -- can successfully hide the recipient's address from a potential data miner. This solution does require that the web hosting provider make certain services available, and that the church's web site developer have the appropriate skills to use them.

Church Directories

The privacy of church members and their desire for an easy way to look up their fellow members' contact information comes into direct conflict when considering making a membership list available on a web site. While the information to be published may be freely available elsewhere, such as a telephone book, the association with the church itself is not.

If a church wants to do so, it can take steps to protect an online directory from casual and even somewhat directed data mining. If the web host supports it, the church can create a password-protected section of the site, and distribute the login credentials solely to its members. Such as a system has disadvantages, mostly those related to forgetting, losing, or mistakenly handing over passwords, and it may require a fair amount of staff time to administer. Note in addition that there is no such thing in computer security as complete safety from a diligent, directed attempt to break in. Church membership information is unlikely to be the subject of such an attack, but it can happen.

And, of course, permission is the key to the relationship.

Identification of children

A good deal of the concern over web site privacy risks surrounds children. Churches seek to be safe and nurturing environments for children, and to avoid exposing them to potential risk.

Church web site manuals typically have very strict policies about identifying children. Some simply will not identify those under 18 by name at all. Others will use only a first name. Permission from a parent or guardian, of course, will allow web site editors to use a name if there is a compelling reason for it.


"A picture is worth a thousand words," goes the cliche. One of the greatest changes in the World Wide Web since its development has been the increase in visual elements over textual. On the web, photos are everywhere. And faces are far more compelling than architecture. The image of the church building identifies a location, but the smiling church member identifies the community. A web site without member pictures will not serve the church's ministry.

Images may be copyrighted or trademarked, so the guidelines for use of graphic items imported from elsewhere should be the same as those for text material. Many more images, however, will be generated from the church's membership, at its worship, meetings, and social events.

Legally, the church may be able to publish some images without permission. According to the American Society of Media Photographers, model releases are required if:

  • The subject is recognizable, and
  • The image will be used in advertising, or
  • The image will be used to enhance a business interest.

Certainly unrecognizable figures can be used -- and a model release may not be possible to get in such a circumstance, anyway. Whether the church web site is advertising, or whether church activity is considered a "business interest" are more difficult questions.

And in any case, the question goes back again to relationship: is the use of identifiable photographs without permission consistent with the church's relationship with its members? Churches that have developed web site image guidelines have consistently said that it is not, and have specified that releases be obtained before publishing recognizable photographs.

Images of children are typically handled more cautiously. One church flatly will not publish recognizable photos of children under 16, even with permission. Others require a review process involving the pastoral staff even after a parent or guardian's release has been obtained.

Identification of subjects

Once a photo has been published, are its subjects identified? Once again, the permission of the member is commonly specified in church policies, but at least one church says that no images will be identified -- though that one makes an exception for staff.

Cookie use

A web site visit is generally anonymous. Browser software does not provide much information that a web server can use to identify a guest without considerable effort. This is a problem when the site designer wants to provide certain kinds of services: an online chat forum, for example. It is not user-friendly to require a user to continually re-enter their name when submitting their chat messages.

The technological response has been the web browser "cookie" or similar variants which allow the server to save information a visitor has entered and apply it later on when it's needed. Online stores use cookies to remember what items are in the "shopping cart." "Portals" such as Yahoo use cookies to save the display preferences on their site, so that when John visits it reads "Welcome, John!" and when Jane visits it reads "Welcome, Jane!"

Cookies have also been misused, of course. They can be used to track a user's visit through a web site, record it, and generate unsolicited email advertising later on. The result is web browsers that have cookie identification, restriction or removal features.

Churches can create policies that dictate the appropriate uses of cookies, including the length of time before they expire.


Web sites are most frequently viewed on a personal computer display, but this is not always the case. More and more cell phones can now "surf the web," and the design that looks wonderful on a 17" monitor can be completely unreadable on a phone display. Other visitors will "see" the site in Braille, and still more may prefer to print some pages at a larger type size.

The World Wide Web Consortium describes techniques that will allow the visually impaired, cell phone users, and PC users to have good experiences of a web site at www.w3.org/WAI. A church developing policies may wish to refer to these techniques in writing their own guidelines.

Prohibited Materials

Web hosting providers specify content that is not allowed in their user agreements. Churches may wish to identify other kinds of material as well.


From the first to the last, the question is: Does publication of a given piece of information further the ministry and mission of the church? If it does, then it should be made available once the appropriate permissions have been obtained. If it does not, then the web site editor probably has another item to turn to.