This post was also written by Joshua B. Marker and Katrina M. Kershner.
We previously noted that the California legislature had recently passed and sent to the governor’s desk a number of different data privacy bills this term. This past Friday, California Governor Jerry Brown signed into law one of those bills, AB 370 – legislation that imposes new disclosure requirements on commercial websites and online services that collect personally identifiable information (PII) on users. The legislation, the “Do Not Track” disclosure law, is the first law of its kind in the United States.
As explained in our previous blog, all the major browsers offer “Do Not Track” options, which signal to sites that the individuals do not want their behavior tracked. Honoring the “Do Not Track” signal by refraining from collecting information on the individual is voluntary. The new law does not change this, but it does now require disclosure of whether and to what extent the site honors the “Do Not Track” signal.