Close
Join 237,000 weekly readers and receive practical marketing advice for FREE.
MarketingSherpa's Case Studies, New Research Data, How-tos, Interviews and Articles

Enter your email below to join thousands of marketers and get FREE weekly newsletters with practical Case Studies, research and training, as well as MarketingSherpa updates and promotions.

 

Please refer to our Privacy Policy and About Us page for contact details.

No thanks, take me to MarketingSherpa

First Name:
Last Name:
Email:
Text HTML
Jul 12, 2004
Blog Post

How New CA Privacy Law Affects You (Plus 3 Potential Hot Spots)

SUMMARY: No summary available.
How are you notifying visitors to your Web site about the information you collect from them when they visit or register? If it's with a privacy policy that you've buried on an inside page or with a teeny-tiny little link or icon, you're violation a new California privacy law.

If a California resident accuses you of violating the law, which extends current state privacy law to cover Web sites and online services, you get 30 days to fix the problem. If you don't, that resident could sue you.

The Online Privacy Protection Act of 2003 requires any Web site operator who collects "personally identifying information" from California residents to have a clearly marked and accessible privacy policy, which meets four conditions:

Condition 1: List all the categories of personal information you collect at your site and whom you share that information with.

("Personal information" is full name, address, email address, phone, Social Security number, anything else that would let you reach an individual and anything you collect in a cookie or other online device.

Condition 2: Explain whether and how visitors can review and change their personal information.

Condition 3: Explain how you notify users that you have changed your privacy policy.

Condition 4: Post the policy's effective date.

You also can't bury your privacy policy on an interior page unless you link to it with an eye-catching icon or text link whose type size is larger than the rest of the copy on the page.

Esteemed ContentBiz Publisher Anne Holland also found three vague areas in the law, too:

Grey Area #1. Email programs
Check with your own legal advisers if the term "online service" equals your emails to house lists. We suspect it does. So, you may have to make your privacy link much more conspicuous there.

Grey Area #2. Landing pages
Also, check with legal to see if you should assume the Act extends to campaign microsites and landing pages which may not be obviously part of your main site. We suspect it may, and this means you'll need to change your privacy policies there, too.

Grey Area #3. Third-party-hosted registration forms
If you collect any consumer data using third-party services such as a co-registration deal, an online lead generation service, or a co-branded marketing presence, check with legal to see if you need to fret about your partner's privacy links and statements. We suspect you do.

You can read the law here (go ahead and check it out; it's short and written in what to bureaucrats is plain English):
http://www.leginfo.ca.gov/pub/bill/asm/
ab_0051-0100/ab_68_bill_20031012_chaptered.pdf
See Also:

Post a Comment

Note: Comments are lightly moderated. We post all comments without editing as long as they
(a) relate to the topic at hand,
(b) do not contain offensive content, and
(c) are not overt sales pitches for your company's own products/services.










To help us prevent spam, please type the numbers
(including dashes) you see in the image below.*

Invalid entry - please re-enter




*Please Note: Your comment will not appear immediately --
article comments are approved by a moderator.

Improve your marketing

Join our thousands of weekly Case Study readers. Enter your email address below to receive MarketingSherpa news, updates, and promotions:
Note: Already a subscriber? Want to add a subscription?
Click Here to Manage Subscriptions