On July 1, 2004, the Online Privacy Protection Act of 2003 went into effect. This law requires any websites that collect personally identifiable information from California residents to post a privacy policy on their site. A second law will be going into effect on January 1, 2005 that requires sites to notify California residents which third party vendors they will be sharing their information with.

Lawyer Justine Young Gottshall describes how to make sure your site complies:

To comply with the Online Privacy Protection Act of 2003, a web site must conspicuously post a privacy policy, by taking specific steps delineated in the statute, such as posting a prominent, distinguishable link on the homepage. The policy must explain what personally identifiable information the web site or service collects, any third parties with whom it may share the personally identifiable information, and a description of any process available to the consumer to review and request a change to his or her information. The privacy policy also must state its effective date and the process the web site or online service will use to notify consumers about a change in its privacy policy.

She recommends that

Therefore, in light of the pending Act and existing United States law, we recommend that most businesses that maintain a web site consider the following steps:

Understand your business practices, including the various ways and places you collect personal information from consumers, the technology used on your web sites, the various ways you market to consumers, and the ways in which you may share information with third parties.

Draft an accurate privacy policy that discloses all relevant information, maintains adequate flexibility for marketing, and complies with applicable current laws.

Audit your web site and other relevant marketing tools to ensure there are no conflicting or inaccurate statements regarding how you collect and handle personal information, and that you are in compliance with applicable laws (such as the Children’s Online Privacy Protection Act).

Ensure that the security of the personal information you collect and maintain is reasonable under the circumstances, which will vary depending upon the size of your organization, the type of information collected, and statements made to consumers.

Institute adequate compliance procedures to protect your business from inadvertent breaches of your privacy promises and to shield your business from potential liability to the greatest extent possible.

» Read Article: New California Marketing Laws and How They May Impact Your Business

Random Posts

• Book Review: Persuasive Online Copywriting
• Guy Kawasaki’s Advice on Blogging
• Why Clever Slogans And Taglines Aren’t the Secret to More Sales
• 12 Ways to Market Your Blog
• Anonymous Comments: The Problem With Not So Friendly People