Email Newsletter Publishing Strategies  
Search In Ezine-Tips

Email Address:
Christopher Knight

California Online Privacy Law
By Christopher Knight

Print | Bookmark | Subscribe

[Listen to today's Ezine-Tips]

Earlier this year, the California Online Privacy Act (OPPA) of 2003 went into effect on July 1st, 2004. Whether you live in the state of California or not, today's Ezine-Tips applies directly to any organization that collects any personally identifiable information from consumers in California (such as email addresses).

Overview of the OPPA:

The California Online Privacy Protection Act of 2003 (OPPA) is a privacy policy requirement law that requires a privacy policy be "conspicuously" posted on all commercial websites that collect personally identifiable information on California consumers. In addition to requiring you to post your privacy policy (you do have one posted, right?), it also requires companies to adhere to the promises made in their privacy policies.

The new law does provide a 30-day grace period if your organization gets notified that your website is not in compliance with the law. Worst case scenario could mean civil fines or injunctions against you and your organization.

Specifics of the Content & Form of Your Privacy Policy:

The OPPA law requires you to have some specific content in your privacy policy, including:

  • You must have a hyperlink on your main page or main entry page of your website that links to the privacy policy. In other words, you can't bury it deep within your site.

  • If you don't include the words "Privacy" in the text link from your main entry page, your graphical icons must include the word "Privacy" and the color of the graphic must contrast with the rest of your page. In other words, you can't make the color of the graphic match the color of the background. I recommend just doing a text link.

  • If you do the text link recommendation, your text must be the same basic size as the rest of the text on the page. The act recommended CAPITAL LETTERS, but I don't see a need for that. Just keep the font size of your privacy link the same size as the rest of your text.

  • Your privacy policy must identify the types of personally identified information that you will be collecting, such as:

    1. A first and last name.

    2. A home or other physical address, including street name and name of a city or town.

    3. An email address.

    4. A telephone number.

    5. A social security number.

    6. Any other identifier that permits the physical or online contacting of a specific individual.

    7. Information concerning a user that your web site or online service collects from the user and maintains in personally identifiable form in combination with an identifier. In other words, if you use cookies or membership ID's or any other type of system to identify users to connect them with the personal information you also keep in your database.

  • You must make it clear how a consumer can update their personally identifiable information.

  • You must make it clear how you intend to notify the consumer if you make a change to your privacy policy.

  • You must identify the effective date of your privacy policy.

Bottom Line:

You should be proud of your privacy policy as it is your public commitment to protecting the rights of your clients, prospects and your email list members. If you have one posted, today is a good day to review and revise it. If you don't have one posted, today is a great day to get started on yours.

Useful Links:

California Online Privacy Protection Act (OPPA)

Office of Privacy Protection - California Department of Consumer Affairs

This Ezine-Tip was submitted By Christopher Knight -- Email List Marketing Expert, author and entrepreneur. Get your weekly dose of Email newsletter publishing, marketing, promotion, management, email-etiquette, email usability and deliverability tips by joining the free Ezine-Tips newsletter:

Ezine-Tips for November 05, 2004

Additional Ezine-Tips Articles from the Resources Category: