Is Your Company’s Web Site Privacy Policy Compliant With New California Law?

Privacy Law Update: California “Do Not Track” 

Two California laws went into effect at the beginning of the year that  require additional notifications to consumers.  The California Online Privacy Protection Act (“CalOPPA”) requires that web sites, mobile apps and other online services available to California residents (in reality anyone with a web site that may be accessed by a CA resident) post a privacy policy that gives notice to consumers regarding behavioral or interest-based advertising practices (“OBA”).

Disclosures must explain:
1. If a web site operator allows other parties to use tracking technologies in connection with the site or service to collect certain user data over time and across sites and services; and
2. How it responds to browser “do not track” signals or other mechanisms designed to give consumers choice as to the collection of certain of their data over time and across sites and services

In addition, the “California Shine the Light Act” requires that companies (except non-profits and businesses with less than 20 employees) collecting broadly defined personal information from California consumers on or offline either: (a) give consumers a choice as to the sharing of that information with third parties (including affiliates) for direct marketing purposes; or (b) provide notice of, and maintain, a method by which consumers can annually obtain information on the categories of information disclosed the names and addresses of the recipients of that data, and a description of the recipients’ business.

If an e-commerce service offers tangible goods or services, or vouchers for them, to California consumers, it must give certain notices to consumers, including how they can file a complaint with the CA Department of Consumer Affairs.

Are you  concerned about how to disclose how your service responds to “Do Not Track” signals or similar tools and settings, and whether third parties are permitted to collect personally identifiable information about consumer online activities over time and across different websites when a consumer uses that online service? We may be able to help. We can review your policies, your information gathering and sharing practices, and advise on whether there is room for improvement.

Please contact us for a no-fee consultation.

Amended California Do Not Track Disclosure Law Requires Websites Disclose Do Not Track Signal Response

At the end of August, the California passed an amendment to the California Online Privacy Protection Act that will require commercial websites and services that collect personal data to disclose how they respond to Do Not Track signals from Web browsers.

AB 370, as introduced by California Assemblyman Al Muratsuchi, requires a business that discloses a customer’s personal information to a third party for direct marketing purposes to provide the customer, within 30 days after the customer’s request, as specified, in writing or by e-mail the names and addresses of the recipients of that information and specified details regarding the information disclosed.

This bill, available here, would declare the intent of the Legislature to enact legislation that would regulate online behavioral tracking of consumers.


Privacy Legal News Roundup

Trying to beat the heat? Peruse these top Privacy stories from around the web.

The Internet needs its own ‘declaration of independence’
Christian Science Monitor
A new ‘Declaration of Internet Freedom’ should spark a much-needed discussion about online rights and privacy.

Homeowners Bill of Rights passes in California
Examiner.com
According to Assembly Speaker John Perez (D-Los Angeles), the key provisions of the Homeowners Bill of Rights legislation include: “a requirement that a person or team of persons employed by a lender to be a single point of contact for the homeowner.

Facebook Joins California Mobile App Privacy Program
InformationWeek
California launched its mobile app privacy program in February 2012, just one day before the White House announced its proposed Consumer Privacy Bill of Rights. From the outset, the state announced that the six companies with the biggest mobile app …

How California’s New Homeowners’ Bill Of Rights Protects Against Wrongful Foreclosures.
ThinkProgress
The “Homeowners’ Bill of Rights,” pushed by state Attorney General Kamala Harris (D), aims to extend to the state level many of the protections ensured by the mortgage fraud settlement between six big banks and the federal government and states.

Descendants of the signers to read the Declaration of Independence on July 4
American Civil Liberties Union News and Information (blog)
“My professional career has been dedicated to advancing people’s rights and liberties as outlined in the Declaration and in the Constitution and its Bill of Rights,” said Murphy, the Director of the American Civil Liberties Union’s Washington …

Independence Day: Ghosts of SCOTUS on the fundamental right to privacy
Network World
While the Constitution may not specifically state the right to privacy, the Bill of Rights most assuredly protects aspects of privacy. In 1965, the Supreme Court ruled 7-2 on the landmark case, Griswold v. Connecticut, and the Justices referenced the …

Cash-Strapped Consumer And Privacy Groups Petition Commerce Dept For Better Participation.
techPresident
That’s the department that’s organizing the workshops that are meant to convene all U.S. stakeholders to develop a code of conduct to implement the administration’s Privacy Bill of Rights. The first workshop is taking place inside the Beltway on July …

Why Kansas City is getting Internet 100 times faster than everyone else
Alaska Dispatch
Yesterday, an impressive coalition of companies and Internet and human rights activists endorsed a Declaration of Internet Freedom that aims to start a discussion about the basic principles that should underlie online access. Among the 20000 groups or …

Celebrate your independence: You have rights as a taxpayer
Savannah Morning News
Years after the War the Bill of Rights was drafted and 10 amendments were added to our Constitution. … Privacy and confidentiality: The IRS may not discuss any of the facts and information given to them with anyone except in accordance with the law.

Do you have information or data privacy and security concerns? Contact David Adler at Leavens, Strand, Glover & Adler for a free consultation.

Social Media & The Law: Recent Developments in Privacy, Security & Media

Statute Puts Online Libraries and Other Service Providers at Risk
Kansas City infoZine

A New Washington State Law Intends to Make Online Service Providers Criminally Liable For Online Postings. The Electronic Frontier Foundation (EFF) is representing the Internet Archive in order to block the enforcement of SB 6251, a law aimed at combating advertisements for underage sex workers but with vague and overbroad language that is squarely in conflict with federal law.

NLRB General Counsel Issues Further Guidance on Social Media
National Labor Relations Board (“NLRB”) is closely scrutinizing employer social media policies.

Legal issues in the media
Social Media Legal, Regulatory & Compliance: Risks & Issues Social Media Slideshare presentation.

Putting the Consumer Privacy Bill of Rights into Practice
Providing transparency in how consumer data is handled by mobile applications – this is the first topic for the National Telecommunications and Information…

US lawmakers propose digital bill of rights to safeguard privacy …
Two US lawmakers have proposed a digital bill of rights to safeguard consumer privacy rights and ensure internet freedom.

Stakeholders to Discuss Consumer Privacy Bill of Rights
The National Telecommunications and Information Administration (NTIA) will convene stakeholders July 12, 2012 in Washington, DC to develop a privacy code of conduct.

Socail Media, Search & Mobile Issues Discussed at ISSMM.org’s Converge2012

The Future Of Social Is Moving From Mere Participation To Analysis & Strategic Initiatives

I had the opportunity to attend and participate in Converge 2012 run by the Institute for Social, Search & Mobile Marketing. The theme was mastering the Business of Social Media. The Conference had a great selection of speakers (yours truly included) and topics that really resonated with the audience. I hope to summarize here some of the take-aways I learned at this conference.

Business Is Now Social

The last few years have seen an unprecedented shift in the adoption of social platforms for businesses to reach and interact with customers. What started as a “dipping our toes into the water” excerise has now matured into jumping in with both feet. Not surprisingly, the first few presentations of the conference focused on the effect of so much participation: greater focus on ROI. The presentations covered a lot of ground, but here are the key take aways from Day 1:

  • Businesses that fail to integrate the social channels may not exist in five years
  • Analytics are maturing in terms of both measurement tools and metrics
  • Better analytics are driving innovation by putting companies ahead of emerging issues instead of simply reacting to them
  • Creating a Social Media culture must come from the top and flow down
  • The growth of mobile platforms Is blurring the line between online and in-store experiences because of anywhere/anytime andpersonalized access

Day 1 concluded with the panel presentation in which I participated “Social Media “Venture Heaven” Money is flooding into social media, It’s time to understand why.” Key take-aways from this panel include the followig Data about the growth in Mobile:

  • As of May, 2012, mobile comprises 10% of Internet traffic, up from just 4% less than a year and a half ago
  • Mobile = ~8% of ecommerce
  • Monetization growing rapidly 79% is Apps, 21% is from ads
  • There has been a rapid increase in time spent relative money spent on ads; TV is roughly at parity while Mobile ad spend is about 1/10 of that
  • Drivers of growth in Mobile:
    • Devices
    • Platforms
    • Improved user interfaces
    • Sharing
    • More emphasis on design aestheticS

In a world of ubiquitous fast Internet,  mass blogging and micro-blogging, minute-by-minute status updates and customer complaints and recommendations, businesses need to focus on tailoring their product for their customers desires, rather that merely tolerating customer requests. Whatever device/platform customers use most will get the most attention from developers, accessory makers and potential new customers.

Internet Privacy Legal News Update

Facebook IPO: Why Your Data Is Worth $93 Billion
PCWorld

(See “Protect Our Data! A Digital Consumer Bill of Rights” and “A Bill of Rights for Facebook Users” for related discussion.) The temptation to exploit user data in ways that erode privacy will always be present. Just by joining Facebook, …

Twitter Joins Google, Apple, Microsoft, Others in ‘Do Not Track Effort’
eWeek

In addition, in February the White House proposed a “bill of rights” to protect consumer privacy online, including an easy way for users to tell Internet companies with one click whether they want their online activity to be tracked.

Twitter Allows ‘Do Not Track’ Privacy Feature
CMSWire

Howard A. Schmidt is returning to the private life, but the White House is still pushing for some kind of legislation in the Consumer Prvacy Bill of Rights fashion. While the Cyber Intelligence Sharing and Protection Act passed the House of …

EPIC Supports Geolocation Privacy Act, Suggests Improvement
JD Supra (press release)

Your decision to hold this hearing will help protect important privacy rights. The Electronic Privacy Information Center (“EPIC”) is a non-partisan public interest research organization established in 1994 to focus public attention on emerging privacy …
See all stories on this topic »

Will the News of the World voicemail snooping saga accelerate US privacy reform?

The United States is one the few countries in the developed world that lacks a comprehensive law protecting consumer privacy. Geolocation, personalized ads, group-buying deals, tracking cookies and other technologies have a wide range of privacy implications. Incidents like the phone-hacking scandal in the U.K. underscore the growing concern among both the general public and Congress here in the U.S.

Unlike citizens in Europe, Asia and Latin America, U.S. laws addressing rights and obligations surrounding sensitive-information tend to be sector-specific and inconsistent (HIPPA, COPPA, etc.). Notably, the FTC, the federal agency tasked with safeguarding consumers, has taken a largely laissez-faire approach. The result of Guidelines and enforcement actions is essentially a policy of “do as you like, just don’t lie about it.”

While congressional attention has been focused on updating the regulatory regime, the current legislation reflects the piecemeal approach of the past. Here is a break-down of the Five leading government privacy initiatives. Bills starting with H.R. are from the US House, and bills starting with S. are from the US Senate. The numbers are from the 112th Congress: 2011-2012.

H.R. 654: Do Not Track Me Online Act, sponsored by Rep. Jackie Speier [D-CA12] is to direct the Federal Trade Commission to prescribe regulations regarding the collection and use of information obtained by tracking the Internet activity of an individual, introduced Feb 11, 2011. Status: This bill is in the first step in the legislative process.

S. 913: Do-Not-Track Online Act of 2011, sponsored by Sen. John Rockefeller [D-WV] is a bill to require the Federal Trade Commission to prescribe regulations regarding the collection and use of personal information obtained by tracking the online activity of an individual, introduced May 9, 2011. Status: This bill is in the first step in the legislative process.

H.R. 1895: Do Not Track Kids Act of 2011, sponsored by Representatives Edward J. Markey, Massachusetts Democrat, and Joe Barton, Texas Republican, is aimed specifically at internet marketing to minors, introduced May 13, 2011. Status: This bill is in the first step in the legislative process.

S. 413: Cybersecurity and Internet Freedom Act of 2011, associated with the phrase the “internet kill switch” was, sponsored by Sen. Joseph Lieberman [I-CT], introduced Feb 17, 2011. Status: This bill is in the first step in the legislative process.

S. 799: Commercial Privacy Bill of Rights Act of 2011, sponsored by Sen. John Kerry [D-MA] Introduced Apr 12, 2011. Status: This bill is in the first step in the legislative process

Complete text of the various bills is available at GovTrack.us.

ABOUT THE AUTHOR

David M. Adler, Esq. is an attorney, author, educator, entrepreneur and partner at the boutique intellectual property, entertainment & media law firm LEAVENS, STRAND, GLOVER & ADLER, LLC based in Chicago, Illinois. My responsibilities include providing advice to business units and executives on copyright, trademark, ecommerce, software/IT, media & entertainment and issues associated with creating and commercializing innovations and creative content, drafting and negotiating contracts and licenses, advising on securities laws and corporate governance and managing outside counsel. Learn more about me here: http://www.ecommerceattorney.com and here: hLeavens Strand Glover & Adler, LLC