Internet Privacy Law

Internet Marketing is the modern age miracle for Marketers. Getting your word out to the masses quickly and automatically, and at next to no cost retrieve customers details and information, is a boon for many companies.

internet-privacy-laws-1024x424 Internet Privacy Law

But – Being the guardian of all of that personal information means additional responsibility.

Federal Implications

If a business directly (or indirectly via an agent) violates its own internet privacy policy, it is seen as carrying out deceptive or unfair trade practices and can be prosecuted by the Federal Trade Commission (the “FTC”) under Section 5 of the FTC Act. Some businesses trying to make sure that they could not be prosecuted by the FTC, created a loophole by choosing not to publish a privacy policy at all, but where did that leave the consumer?

State Internet Privacy Protection

As this loophole allowed deceptive marketers to use customers information as they wished, state legislation was introduced to protect the consumer and close the loophole for the states residents. The State of California did this with SB 27 and AB 68.

SB 27

Allows a customer to ask a business for exactly what information has been collected from them and whom they have shared it with. Businesses must comply with the request by listing the categories of information gathered, and the names and addresses of any direct marketers the information has been given to within 30 days of the request. The law is codified in Section 1798.83 of the California Civil Code.

Who it applies to;
Any business that has a relationship with a customer and has disclosed customers personal information to a third party who will use the personal information for direct marketing purposes.


  • Any business whose privacy policy publicly states that they will only disclose any personal information to third parties for direct marketing purposes if the customer is given explicit opt-in or opt-out capabilities by the third party.
  • Nonprofits.
  • Businesses with less than 20 full time or part time employees.
  • Political Fundraisers.
  • Financial Businesses that are already compliant with the California Financial Information Privacy Act.

SB 27 specifically states that if a customer has to accept a provision waiving his or her rights to the use of their private information, such a waiver is void and against public policy.

A business must provide its customers with either a toll-free phone number, fax number, e-mail address or mailing address that can be used by its customers to request …

  • Categories of information collected from the customer (e.g., name and address, e-mail, date of birth, race, religion, occupation, phone number, education, etc.), AND
  • Third Party Names and addresses of each direct marketer the business has supplied the personal information to during the previous year, AND
  • The Type of Products or Services the third party markets, AND
  • Train all employees (or their supervisors) to respond to a customer’s request relating to use of the customer’s personal information, OR
  • Add a link titled “Your Privacy Rights.” to the home page of the business’s website that takes the customer directly to the business’s general privacy policy. The first page following the link must describe the customer’s rights under SB 27, and provide the customer with information on how to request information from the business. The link must be in larger type than the surrounding text, or in contrasting type, font or color

AB 68

This is a broad law codified in Section 22575 of the California Business and Professions Code), which requires websites or online services to post privacy policies on their sites and to comply with them.

Who it applies to;
Any operator of a commercial website or online service that collects personally identifiable information through the Internet about individual consumers residing in California who use or visit its commercial website or online service.

All online businesses must post a privacy policy on its website or, if the business is an online service with no website, must make the policy available by other reasonably accessible means. At a minimum, the privacy policy must …

  • Provide details of how a consumer can review and amend any of his or her personal information to the extent the business maintains a process for doing so
  • Describe the categories of personal information collected, and categories of third parties and their agents with whom the online business may share such information;
  • Describe the process by which the operator of the Web site or online service will notify consumers of material changes to its privacy policy; and
  • Identify the effective date of the privacy policy.

As with all laws, details are subject to change. If you would like the most up to date information we would be pleased to refer the lawyers we use, to you.

fb50c5bf790872a8ecad33a6bd15d358?s=100&d=mm&r=g Internet Privacy Law

CEO, Flying Cow Design
Attended University of Auckland
Lives in San Francisco Bay Area

October 15th, 2016

Need help with Internet Marketing?

Write to us with your project details and we will get back to you shortly.

Related Articles
Just a few years ago, it was called the new kid on the block. Esoteric
If you need any free stock photos check out the sites below. Terms of Use
When you say 'Search Engine', you automatically think of 'Google', MSN Search', 'Yahoo Search', etc.
It can be confusing trying to sort out all of the Web and Internet Jargon,
Email marketing is considered by many as one of the new age marketing techniques. Most
“The Internet is becoming the town square for the global village of tomorrow.” ~ Bill
“The Internet is becoming the town square for the global village of tomorrow.” ~ Bill
Google has over 200 parameters that go into deciding where a page should rank for
Search engines try to serve the most relevant result that would meet the needs of
Blogs are like informal platforms for people to share information and communicate. Many times, search