First Online Data Privacy Law Looms in California.

CALIFORNIA; UNITED States

This article reports on the U.S. Online Privacy Act of 2003 which will be implemented in California on July 1, 2004. The online data privacy law was authored by Joseph Simitian, a member of the California State Assembly. Under the law, any online business that collects personally identifiable information California residents is required to take steps such as posting its privacy policy and notifying consumers about what kinds of data will be gathered and how it will be used. The law is structured so that anyone can bring an individual course of action against companies that fail to comply. The AB 68 legislation formalizes what most online businesses have been doing for sometime anyway, said Christopher Pierson, a partners at Lewis and Roca LLP. Consumers had to take action such as filing a complaint with the Federal Trade Commission or suing a company under unfair business practice laws to address an online privacy breach, Pierson said. The bill is not as threatening as other California privacy laws, such as the SB 1386 Database Breach Notification Act and the pending SB 1279 measure that toughens the scope of SB 1386, said a user at a financial services company who requested anonymity.