CalOPPA Amendment: What “Do Not Track” Means for You
CalOPPA was amended and signed into law on September 27, 2013, and went into effect on January 1, 2014. California law makers did not do away with the previous version of CalOPPA, but rather added to it. Now, website operators who collect PII from California residents will be required to disclose how they respond to “Do not track signals” or other mechanisms that allow users to choose how their PII is collected regarding their online activities on and across third-party web sites or online services. It should be no surprise that there is a growing public concern for privacy on the Internet, and as the average user becomes more sophisticated they are learning more about the value of their privacy. As a result, many consumers are choosing not to have their online behavior tracked when given the choice.
The existing law and the amendment can be found at the California Legislative Information website in their entirety for your review, and the portion relevant to the new amendment can be found below. Among other things, the operator must:
(5) Disclose how the operator responds to Web browser “do not track” signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personally identifiable information about an individual consumer’s online activities over time and across third-party Web sites or online services, if the operator engages in that collection.
(6) Disclose whether other parties may collect personally identifiable information about an individual consumer’s online activities over time and across different Web sites when a consumer uses the operator’s Web site or service.
Understanding how your business will approach this is critical. If you collect PII from California residents for the purposes of tracking users’ online activity, this is something to pay attention to. For any questions regarding the information above, please contact us.