On July 1, 2004, an important California consumer law comes into effect, called the Online Privacy Protection Act. It requires commercial web sites that gather personally identifiable information about Calfornians to post a privacy policy on their home page. It's expected that the majority of commercial web sites will need to comply with California's new law, if they do not already.
The Online Privacy Protection Act (CA Business and Professions Code 22575-22579) was introduced by Assemblyman Joe Simitian of Palo Alto. The law states that if a web site collects information such as first and last name, mailing address, email address, phone number, or Social Security number and is considered a commercial entity, it must post a link to its privacy policy on its home page that includes the following:
-- The categories of personal information that are collected.
-- The categories of third parties with whom personal information may be shared.
-- The ability for consumers to review the personal information the site has collected
and the ability to remove it if allowed.
-- The process by which the web site owner will notify consumers when the privacy
policy is changed.
-- The effective date of the policy.
According to Jordana Beebe, Communication Director for the Privacy Rights Clearinghouse, "We welcome this important new law and strongly support the principles outlined in the Act. It's a matter of openness. Consumers should know before they provide personal information exactly how a web site intends to use it." She added, "Companies need to not only post a policy, but strictly adhere to it as well. After all, a privacy policy is basically a contract with those individuals who are submitting their personal information to the web site."
According to the Privacy Rights Clearinghouse, if you are a Californian and know of a site that is collecting personal information without posting a privacy policy, or a site that does not meet the law's criteria as of July 1, you can put the company on notice by giving them 30 days to either update or post their policy. The PRC has posted a form letter on its web site that California consumers can tailor if they know of a site that is not complying with the new law.
Posted: Jun 28 2004
