Skip to content

California "Do Not Track" Bill Introduced

The state of California is, once again, at the forefront of American privacy rights legislation with new legislation aimed at providing internet users with a method to prevent the collection and use of certain personal information, including personal identifiers, and online search and browsing habits. The new legislation, S.B. 761, was introduced by Sen. Alan Lowenthal (D-Long Beach) and mirrors the federal Do Not Track legislation introduced by Rep. Jackie Speier (D-CA) in February 2011. Interest in Do Not Track legislation increased after the Federal Trade Commission issued a report in December backing the concept.

The legislation would require the California Attorney General, in consultation with the California Office of Privacy Protection, to issue regulations, no later than July 1, 2012, requiring companies doing business in California to provide internet consumers with a method to opt out of the collection or use of any "covered information."

"Covered information" means any of the following information about an individual that is transmitted online:

  • The online activity of the individual (such as websites accessed and content viewed, date and time of access, computer and geolocation information, and the device, browser or application used to access the online information);
  • Any unique or substantially unique identifier, such as a customer number or Internet Protocol address;
  • Name, postal address or other location information, email address or user name, telephone or fax number, or government-issued identification numbers (tax identification number, passport number or driver's license number);
  • Financial account number, credit card or debit card number, or any security code, access code or password to access financial accounts.

"Covered information" does not include information relating to an individual's status as an employee of an organization (such as title, business address, business e-mail address, business telephone or business fax number) or information collected by an employer, prospective employer, or former employer that directly relates to the employee-employer relationship.

The regulations issued by the Attorney General would require "covered entities" to disclose to consumers in an "easily accessible" manner information on their collection, storage, use and disclosure practices, including to whom the information is disclosed. S.B. 761 also allows, but does not require, the Attorney General to issue regulations requiring covered entities to provide consumers with access to their data and privacy policies, in a format that is "clear and easy to understand."

"Covered entity" means a person or entity doing business in California that collects, uses or stores online data containing covered information from a consumer in California. An entity that meets all of the following criteria is not considered a "covered entity":

  • Stores covered information from or about fewer than 15,000 individuals;
  • Collects covered information from or about fewer than 10,000 individuals during any 12-month period;
  • Does not collect or store sensitive information ("sensitive information" includes medical history and health care data, physical or mental health information, race or ethnicity, religious beliefs and affiliation, sexual orientation or sexual behavior, financial information (unless provided by the individual and used to process authorized transactions), geolocation data, unique biometric information, Social Security number and other information determined by the Attorney General, in consultation with the California Office of Privacy Protection);
  • Does not use covered information to study, monitor or analyze the behavior of individuals as its primary business.

S.B. 761 provides for civil lawsuits by the Attorney General and individuals for actual damages up to $1,000 and punitive damages as the court may allow, as well as costs and attorney's fees.

For more information on the content of this alert, please feel free to contact Ieuan Jolly at 212.407.4810 or ijolly@loeb.com.


This client alert is a publication of Loeb & Loeb LLP and is intended to provide information on recent legal developments. This client alert does not create or continue an attorney client relationship nor should it be construed as legal advice or an opinion on specific situations. For more information, please contact a member of Loeb & Loeb's Advanced Media and Technology Group.

Circular 230 Disclosure: To assure compliance with Treasury Department rules governing tax practice, we inform you that any advice (including in any attachment) (1) was not written and is not intended to be used, and cannot be used, for the purpose of avoiding any federal tax penalty that may be imposed on the taxpayer, and (2) may not be used in connection with promoting, marketing or recommending to another person any transaction or matter addressed herein.