California’s Privacy Law Will Directly Impact Internet Marketers

California has enacted the most stringent, GDPR-like privacy legislation in the United States. It will directly impact the way that digital marketers do business and the manner in which consumers’ personal data is collected and monetized.

The California Privacy Act (AB 375) will take effect in January 2020. It provides consumers with the right to request and access the data that has been collected about them, request who – specifically – it has been shared with, demand that it be deleted and to refuse to allow the sale thereof. Opt-in consent will be required to collect data on children under sixteen years of age.

Consumers will not possess unprecedented power to protect their data. It will also be unlawful for companies to discriminate against consumers that choose to exercise their privacy rights

So, in addition to posting a privacy policy that sets forth information collected from consumers and how it is shared, tech companies will now be required to clearly disclose the information that they collected, upon request. They will be obligated to disclose the types of information collected, who it is shared with (e.g., advertisers) and the collection purposes. Companies will be required to offer a simple mechanism for consumers to access their data and opt-out of having it sold to third-parties.

The legislation was passed following the recent enactment of Colorado’s groundbreaking cybersecurity law and the recent implementation of the European Union’s privacy regulations. It also comes on the heels of the increasing number of regulatory investigations and enforcement actions against companies that have collected and utilized consumer information without consent and/or for illegitimate purposes.

The Act will be enforced by the California Attorney General and individual consumers. Penalties for non-compliance can reach as high as $7,500, per violation. The new law will also make it easier to initiate legal action against companies that fail to secure consumers’ sensitive information against cyber threats.

See the legislation, here.

Richard B. Newman is a privacy and data security compliance lawyer at Hinch Newman LLP.

Informational purposes only. Not legal advice. Previous case results do not guarantee similar future result. Hinch Newman LLP | 40 Wall St., 35th Floor, New York, NY 10005 | (212) 756-8777.


Richard B. Newman

Richard B. Newman is a nationally recognized FTC advertising compliance, CID investigation and regulatory enforcemetn attorney. He regularly provides advertising counsel and represents clients in high-profile investigations and enforcement proceedings initiated by the Federal Trade Commission, state attorneys general, departments of consumer affairs, and other federal and state agencies with jurisdiction over advertising and marketing practices. Richard is also an ecommerce lawyer and spam defense attorney. His practice additionally focuses upon false advertising defense, data privacy, cybersquatting, intellectual property law and transactional matters relating to the dissemination of national advertising campaigns, including the gamut of affiliate marketing, telemarketing, lead generation, list management and licensing agreements. Richard advises clients on how to minimize the legal risks associated with digital marketing, email marketing, telemarketing, social media influencer campaigns, endorsements and testimonials, negative option marketing models, native advertising, online promotions and comparative advertising,

To Learn More About This Topic or if You Have Questions, Contact an Experienced FTC Compliance and Defense Lawyer