With online commercial transactions increasing exponentially over the past several years, data privacy has gradually become a focal point in our society today. Countries in the European Union (EU) and the United Kingdom (UK) have very strong data privacy laws that aim to protect the personal data of countless users who are accessing the internet. Their data privacy legislation likewise regulate how a person’s data is legally collected and handled.
While the EU and the UK have very stringent data privacy laws, the United States is playing catch up at the moment. One of the foremost privacy legislation in the US today is actually not a federal law but a state law. It is the California Online Privacy Protection Act of 2003 or commonly known as the CalOPPA.
Table of Contents
What is CalOPPA?
- First and last names
- Home or other physical addresses
- E-mail addresses
- Telephone numbers
- Social security numbers
- Any other information that permits the physical or online contacting of a person
- contain the word “privacy”;
- be written in capital letters or is equal to or greater in size than the surrounding text on the page; or
- written in a larger type than the surrounding text, or uses a type, font or color that contrasts with the surrounding text, or is clearly distinguishable from surrounding text of the same size by symbols or other means.
- The categories of Personally Identifiable Information the website or mobile app collects from its users
- The reason why the information is being collected
- The process how the website or mobile app collects the information
- The list of third parties with whom the website may share the information
- The process on how a user can review and update their information collected by the website or mobile app
- Disclosure on whether or not the website honors Do Not Track (DNT) requests
What are the Consequences for Not Complying with CalOPPA?
While the CalOPPA does not contain any provisions for penalties and enforcement thereof, non-compliance of its provisions falls under the scope of the State of California’s Unfair Competition Law (UCL). The UCL provides that “unfair competition shall mean and include any unlawful, unfair or fraudulent business act or practice”, therefore violating the CalOPPA falls squarely under the said definition.