Why Sites Must Know California Internet Regulations

Most sites on the web are at least faintly familiar with the implementation of legal regulations related to their sites. Most, however, have never heard of the California Catch-22. Most sites tend to view complying with legal regulations as a somewhat amorphous subject. You know you are supposed to do something, but are not particularly sure why or what to do. This leads to the rather humorous situation where many sites have terms and conditions that are completely inapplicable the what they are doing and also look startlingly similar to terms and conditions found on other sites. One might even imagine a bit of “cut and paste” was going on, but who am I to say!

Much of the confusion is understandable. It comes from the lack of clear legal directives by the federal government. In most areas, you get vague “suggestions” put forth by an impotent FTC.

Interestingly, one state has taken over for the federal government – California. Because the right of privacy is actually mentioned in the constitution of the state, unlike in the federal version, the state has passed numerous laws regulating how sites must handle visitors information from a privacy perspective, sales information, security efforts and so on. Frankly, it is a pretty amazing that a group of state politicians managed to pull it off. There are laws ranging from how a privacy policy must be set up to requirements that you disclose identify theft events to the media. This is why you see major companies issuing press releases about security breaches leading to identify theft.

As a site owner located outside of California, you are probably wondering why you should care about the laws of California. Well, you better be in compliance because California has a unique way of defining what sites the laws apply to. Nearly all of the relevant California legislation contains provisions defining jurisdiction by the visitor, not the site.

So, what does this mean in plain English? You must comply with the laws if you have any customers that are residents of California or from which you obtain certain types of information. If you make a sale to a California resident, you must comply. If you collect the name, email address and so on as part of creating a newsletter mailing list, you must comply!

Given the size of the California population, it is the rare site that never makes a sale or collects information from a California resident. In short, you need to comply with everything from the California Online Privacy Protect Act to the various identify theft prevention and notice regulations. Fail to do so, and it can come back to haunt you when things go wrong.

Richard A. Chapo is an internet attorney with SanDiegoBusinessLawFirm.com.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: