A Guide To California’s Other Online Privacy Laws

Anti-Phishing Act of 2005 This law prohibits “phishing,” the act of posing as a legitimate company or government agency in an email, Web page, or other Internet communication in order to trick a recipient into revealing his or her personal information.

Computer Spyware This law prohibits an unauthorized person from knowingly installing or providing software that performs certain functions, such as taking control of the computer or collecting personally identifiable information, on or to another user’s computer located in California.

Cyberbullying This law defines bullying as one or more acts of sexual harassment, hate violence, or intentional harassment, threats, or intimidation, directed against school district personnel or pupils, committed by a pupil or group of pupils. Bullying, including bullying committed by means of an electronic act, as defined, including a post on a social network Internet Web site, is a ground on which suspension or expulsion may be based.

Library Patron Privacy Protects a library patron’s use records, such as written records or electronic transaction that identifies a patron’s borrowing information or use of library information resources, including, but not limited to, database search records, borrowing records, class records, and any other personally identifiable uses of library resources information requests, or inquiries.

California Online Privacy Protection Act  This law requires operators of commercial web sites or online services that collect personal information on California residents through a web site to conspicuously post a privacy policy on the site and to comply with its policy. The privacy policy must, among other things, identify the categories of personally identifiable information collected about site visitors and the categories of third parties with whom the operator may share the information. An operator is in violation for failure to post a policy within 30 days of being notified of noncompliance, or if the operator either knowingly and willfully or negligently and materially fails to comply with the provisions of its policy.

Personal Information Collected on Internet This law applies to state government agencies. When collecting personal information electronically, agencies must provide certain notices. Before sharing an individual’s information with third parties, agencies must obtain the individual’s written consent.

Privacy of Personal Information Held by ISPs Although not specifically targeted to on-line businesses, this law requires all nonfinancial businesses to disclose to customers, in writing or by electronic mail, the types of personal information the business shares with or sells to a third party for direct marketing purposes or for compensation. Businesses may post a privacy statement that gives customers the opportunity to choose not to share information at no cost.

Public Officials, Online Privacy This law prohibits posting or displaying on the Internet the home address or telephone number of any elected or appointed official, as defined, if the official has made a written demand not to disclose his or her information. Entities receiving such a demand must remove the information immediately and ensure that it is not reposted.

Reader Privacy Act Protects information about the books Californians browse, read or purchase from electronic services and online booksellers, who may have access to detailed information about readers, such as specific pages browsed. Requires a search warrant, court order, or the user’s affirmative consent before such a business can disclose the personal information of its users related to their use of a book, with specified exceptions, including an imminent danger of death or serious injury.

Reproductive Health Care, Online Privacy This law protects the personal safety of reproductive health care providers, employees, volunteers, and patients by prohibiting the posting of any such person’s home address, phone number, or image on the Internet, under specified circumstances.

Safe at Home Participants, Online Privacy This law provides participants in the Secretary of State’s confidential address program, Safe at Home (for victims of domestic violence or stalking and reproductive health care providers, employees, and volunteers) with the right to demand the removal if their personal information, including home address and phone number, from online search engines or databases, and imposes related obligations on the operators of such search engines and databases.

Sources: California Dept of Justice and National Conference of State Legislatures


Read More