California's Rights to Privacy and Compliance Programs
California is famous for Hollywood, Disneyland, and the Online Privacy Protection Act.
What? Did you think the Golden State was all fun and games? Californians do more than go to the movies and amusement parks.
In fact, they value the right to privacy so much they enshrined it in Article I of the state constitution. Not even the U.S. Supreme Court could do better in creating a constitutional right to privacy.
"Today, California leads the nation not only as an innovation hub for information technologies, but also with the most comprehensive, stringent and up-to-date information privacy laws," according to excerpts from a privacy practice guide by attorney Lothar Determann.
Privacy Laws
For example, lawmakers have enacted legislation on spam mail, unsolicited phone and text messages, cyber-bullying, identify theft, and social media. That doesn't include the main law affecting website operators -- the Online Privacy Protection Act.
The act requires that website operators post a distinctive link to the website's privacy policy. It must detail the type of information gathered by the website and how the information may be shared with others. The website also must allow the user to review and make changes to their stored information.
In the internet age, these laws do not apply only to California residents and businesses. Companies around the country have to comply with them if their web or mobile sites are accessible to consumers in California, they have customers or employees in California or their enterprise customers have customers or employees in California.
Mitigation Programs
To mitigate risks, as reported by Law.com, companies should add California privacy law considerations to their compliance programs. They should also review their policies with a compliance checklist.
With periodic reviews, businesses lower the risk of missing new legal developments or making bad decisions that could violate privacy laws. In California, many companies are required to implement a formal program or to use special liability protections.
Regulators and law enforcement are less likely to act against companies that unintentionally violate privacy laws if they have reasonable policies. To defend against private litigation, companies can fare better if they acted diligently in protecting privacy rights.
Related Resources:
- Changes in State Breach Notification Laws (International Risk Management Institute)
- Are Food Industry Mergers About to Get Supersized (FindLaw's In House)
- The LDO: A Growing Trend in Legal Departments (FindLaw's In House)