In a surprising twist, the California legislature rushed last week to pass one of the most comprehensive privacy laws in the country. The bill was introduced only a week prior, and within hours of passage,
Continue Reading California Enacts Sweeping Privacy Law to Avert Potential Ballot Measure

ThinkstockPhotos-455670115-webBeginning January 1, 2016, the recently-enacted “Delaware Online Privacy and Protection Act”1 (DOPPA) will take effect and will impact all companies with online services used by Delaware residents. DOPPA consists of three separate online privacy laws: (1) a law prohibiting certain types of online marketing or advertising to minors;2 (2) a law requiring commercial websites and online services to post privacy policies;3 and (3) a law restricting government access to user records kept by online book service providers.4 The laws are substantively similar to online privacy laws already in effect in other states, and are particularly similar to laws in effect in California. The Consumer Protection Unit of the Delaware Department of Justice can enforce DOPPA’s three laws under the same provisions that it enforces other state consumer protection laws.5 DOPPA does not create a private right of action for any of the three laws.6
Continue Reading Delaware Enacts New Online Privacy Laws

California Governor Jerry Brown recently signed into law A.B. 370,1 which amends the California Online Privacy Protection Act2 (CalOPPA) to require certain operators of websites and other online services to disclose how they respond when a visitor’s web browser sends a “Do Not Track” signal. The bill also requires operators to disclose the data collection practices of certain third parties operating on the website or online service. Because this law affects every person or company that operates a website or online service that collects personally identifiable information from California consumers, it impacts companies beyond California’s borders. The law takes effect on January 1, 2014.
Continue Reading California Amends CalOPPA to Require Do-No-Track Disclosures

At a May 9, 2013, hearing, the California Superior Court dismissed the lawsuit that California Attorney General Kamala Harris filed against Delta Airlines in December 2012.1 As reported in the January 2013 issue of Eye on Privacy,2 the state’s lawsuit alleged that the company’s “Fly Delta” mobile application (app) violated the California Online Privacy Protection Act (CalOPPA) by failing to provide required privacy disclosures.3 The AG sought enforcement of CalOPPA through California’s Unfair Competition Law (California UCL).4 According to the AG, Delta violated CalOPPA by “fail[ing] to conspicuously post a privacy policy in its Fly Delta app” despite the AG’s earlier written notice of non-compliance, and because the Fly Delta app failed to comply with the privacy policy posted on Delta’s website.5 The court dismissed the action based on its conclusion that the state law claim was preempted by the Federal Airline Deregulation Act of 1978 (ADA).6
Continue Reading Delta Wins Dismissal of California AG Mobile App Privacy Action