Anne Holland

Are You Compliant with California's New Online Marketing Law? 2 Tips, 3 Grey Areas, & a Useful Link

July 7th, 2004

Do me a favor — open another window on your computer as you read this and click over to your site’s Privacy Policy.

Why? Because California’s 2003 Online Privacy Protection Act just kicked in July 1st 2004, and if anyone from California visits your site and sees you’re not compliant… say hello to potential law suits.

You have to be involved (not just your legal department) because the Act affects marketing directly in two ways:

#1. You’ll have to make the link to your privacy policy FAR more visible than it probably is now. Tiny type hidden at the bottom of a page won’t do the job.

A smart marketer can make this work to his or her advantage, by developing a graphical icon or text-link copy that’s reassuring to visitors without diverting from your intended conversion path.

In fact, I’ve seen cases in which a properly placed and written privacy link increased conversions by as much as 10%.

#2. You’ll have to make sure whatever you’re doing with the data collected actually matches the privacy policy. It’s scary how quickly privacy policies become outdated. Most marketers don’t have a regular schedule to check the policy still matches reality.

Three semi-grey areas I spotted in the Act:

Grey #1. Email programs

Check with your own legal advisors as the term “online service” equals your emails to house lists. We suspect it does. So, you may have to make your privacy link much more conspicuous in your email creative.

Grey #2. Landing pages

Also, check with legal to see if you should assume the Act extends to campaign microsites and landing pages which may not be obviously part of your main site. We suspect it may, and this means you’ll need to change your privacy policy creative there too.

Grey #3. Third-party-hosted registration forms

If you collect any consumer data using third party services such as a co-registration deal, an online lead generation service, or a co-branded marketing presence, check with legal to see if you need to fret about your partner’s privacy links and statements (both what they say and how links to them appear visually.) We suspect you do.

Why worry?

If a consumer visits your site and alerts you that you are non-compliant (time to ask customer service to look for emails on that topic) you have 30 days to become compliant. If you ignore things, then law suits can be brought against your organization.

Who is not affected?

The Act says it’s about “commercial” Web sites and online services so if you’re not selling anything, you may be ok. Also ISPs, email broadcast firms, database firms, and Web hosting firms can’t be sued for carrying someone else’s non-compliant site or email.

Please note, I’m not a lawyer nor have I had a lawyer review this column. It’s not intended to serve as legal advice you should follow without checking with your own legal counsel first.

Here’s a link to a PDF of the actual Act itself. It’s only four pages and a pretty easy read compared to most legislation I’ve seen in my time.
http://www.leginfo.ca.gov/pub/bill/asm/ab_0051-0100/ab_68_bill_20031012_chaptered.pdf

Categories: Uncategorized Tags:



We no longer accept comments on the MarketingSherpa blog, but we'd love to hear what you've learned about customer-first marketing. Send us a Letter to the Editor to share your story.