8:55 PM
Stuart Pardau Bio
In California, the Online
Privacy Protection Act, requires a Web site or online service that collects Personally
Identifiable Information (“PII”) about California residents to, among other
things, state in its privacy policy, not only the types of PII that are
collected but also the categories of third parties with whom such PII is
shared.
A new amendment, AB 370, was signed into law by Governor Jerry Brown and takes effect on January 1,
2014. The new law requires that all such Web sites or online services must disclose how
they respond to “do not track” features or other mechanisms on Web browsers that
provide consumers the ability to exercise choice regarding the collection of
PII about an individual consumer’s online activities.
Compliance with this disclosure requirement may be achieved by
“providing a clear and conspicuous hyperlink” contained in the privacy policy
that links to a description “of any protocol the operator follows that offers
the consumer” the choice to opt-out of internet tracking.
As always, a fundamental consideration is: What is the consequence for non-compliance? Here, it seems the answer is "not much". My sources tell me the privacy advocates feel shafted on this one, getting "only" a notice requirement out of the state legislature and violators receiving a 30 day "cure" period following receipt of notice of non-compliance.
http://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201320140AB370
0 comments:
Post a Comment