California Online Privacy Protection Act
Subscribe to California Online Privacy Protection Act's Posts

McDermott To De-Mystify CalOPPA Compliance During February 25 Webinar

As we have previously discussed, California Governor Brown signed into law amendments to the California Online Privacy Protection Act (CalOPPA), the 2004 law that requires commercial websites, mobile apps and digital service providers to “conspicuously” post a “privacy policy” if the site or service collects personally identifiable information about California residents.  The amendments to CalOPPA add two new disclosure requirements for privacy policies required by CalOPPA:

  • The privacy policy must explain how the website “responds to ‘Do Not Track’ signals from web browsers or other mechanisms that provide California residents the ability to “exercise choice” about collection of their personally identifiable information. 
  • The privacy policy must disclose whether third parties use or may use the website to track (i.e., collect personally identifiable information about) individual California residents “over time and across third-party websites.”

Under amended CalOPPA, websites, mobile apps and digital service providers should have updated their privacy policies to include the new disclosure requirements by January 1, 2014. But, due to confusion about (among other things) what “Do Not Track” really means, many consumer-facing website operators and service providers in the digital and mobile space have not yet made the needed policy updates.

To learn more about CalOPPA and tips for complying with the new amendments, join Of Digital Interest’s editors Heather Egan Sussman and Julia Jacobson tomorrow (February 25th) at the 90-minute Track Me, Track Me Not: Complying with California’s Do Not Track Disclosure Requirements live webinar.

For details and to register, visit https://www.lorman.com/live-webinar/393528.




In with the New: 2014 Privacy, Advertising and Digital Media Predictions

Data privacy and security made the headlines practically daily in 2013.  Our second annual Privacy and Data Protection 2013 Year in Review topped 65 pages!

What privacy, advertising and digital media trends will make headlines in 2014? Here are predictions from Of Digital Interest’s U.S. editorial team:

User Tracking Law Enforcement in California: “Amendments to the California Online Privacy Protection Act (CalOPPA) took effect on January 1, 2014 that require every website that is available to California residents to disclose how it responds to Do Not Track signals from web browsers and what third party data collection is occurring on the website.  I predict that we will see enforcement activity from the California Attorney General about whether website owners/operators have made disclosures to consumers that not only meet the new CalOPPA requirements but also accurately reflect tracking activities by the website and by third parties.”  – Heather Egan Sussman, Partner

No Kid-ding:  “January 1 marked the six-month anniversary of the effective date of the amended “COPPA Rule,” which requires businesses to have parental consent before personal information is collected from kids under age 13.  Having just approved a parental consent method (in December), I predict that the Federal Trade Commission (FTC) will initiate COPPA enforcement actions related to social media (now that photos and videos are personal information under COPPA) and in mobile apps (now that COPPA covers geo-location data).  Perhaps the FTC will start by investigating the app developers to which the FTC sent letters explaining their new COPPA compliance responsibilities last May.”  – Julia Jacobson, Partner

Safe Harbor Will Stay Safe:  “Last year’s government surveillance accusations made the U.S. Safe Harbor Program a flash point for debate between EU and U.S. data protection regulators.  Nevertheless, very few on either side of the Atlantic believe that companies properly certified under the Safe Harbor Program should disrupt data transfers necessary to meet credible business objectives.   I predict that the rhetoric will continue, but so will the U.S. Safe Harbor Program, albeit perhaps tweaked in response to the European Commission’s recently-issued recommendations to improve the Progam’s effectiveness.   More debate to come in 2014, but, meanwhile, many U.S. companies will continue to view Safe Harbor certification as their preferred approach to E.U. data protection compliance and will continue to implement data protection policies and programs intended to comply with the Safe Harbor Principles.”  – Ann Killilea, Counsel

Cloudy Forecast:  “The year of 2014 is quickly becoming the year of the mega-sized data breach, with the Target and Neiman Marcus incidents leading the way.  Corporate customers have long been aware that cloud offerings present data security concerns, but may not have been as laser-focused on the data breach aspects as they should.  I predict that in 2014, as the cloud service market becomes a commercial fact of life, data breach concerns will dominate how customers select and contract with their cloud service providers, and how they implement their incident response plans by including cloud service providers in their preparations.”  – [...]

Continue Reading




To Track or Not to Track

October 21, 2013 Digital advertising based on tracking users’ interests and related privacy concerns have been the subject of many recent news articles. What does this mean for businesses?  Evolving industry practices and new legislation relating to online privacy and user tracking likely require changes to online privacy practices and policies.

To read the full article, click here.




STAY CONNECTED

TOPICS

ARCHIVES

2021 Chambers USA top ranked firm
LEgal 500 EMEA top tier firm 2021