Additionally, in September of 2013, California enacted a novel addition to their law on website privacy policies known as “do not track.” This law, AB 370, requires websites that collect personally identifiable information or “PII” of California residents to include certain information in their privacy policies, which must be available in a conspicuous link on their website. PII is defined by California law as:
“individually identifiable information about an individual consumer collected online…from that individual…in an accessible form, including any of the following: first and last name, physical address, email address, phone number, social security number, and any other identifier that permits the physical or online contacting of a specific individual.”
Such disclosures must state whether or not PII is collected, what categories of PII are collected, if PII is made available to third parties, if users can adjust such collections of information, describe how the site notifies users of changes to such collections, the effective date of the policy, whether other parties collect PII when you use their website, and whether or not “do not track” signals from web browsers are complied with. “Do not track” is a signal from a web browser to a web site that is designed to inform the website that the user does not wish to have their usage and information followed and saved by websites, and the idea is that the website would then comply with that request.
Currently, most major web browsers (Internet Explorer, Safari, Chrome, and Mozilla Firefox) support “do not track” signal transmissions, but you have to turn it on. See your preferred web browser’s website for information on how to do this. However, many websites do not listen or comply with such signals, so be sure and take additional measures if you want to prevent this kind of tracking.