The law takes effect January 1, 2014, and requires that most website operators disclose
- how they respond to a web browser’s “do not track” (DNT) signal, and
- whether third parties can collect a user's personal information across a network of sites.
Though this is a California law, it impacts most U.S. based operators of commercial websites or online services. Compliance is required for any website that collects personal information about users from California.
The Law in More Detail: More specifically, the new law provides that:
- The operator must also disclose whether third-parties may collect PII when a consumer uses the operator's website or online service.
Although the new law will take effect on January 1, 2014, if an operator is notified of non-compliance, the operator may post a compliant disclosure/policy within 30 days to avoid a violation.
What does this mean for you?