Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: phranque
This is a really, really dangerous precedent California is setting, which could dramatically drive up the cost of doing business on the Web for small business.
You can see the actual bill here [leginfo.ca.gov].
It just astounds me that this law will potentially affect hundreds of thousands of websites in a couple of weeks, and nobody's talking about it. And the handful of people who are all think it's great -- they're privacy advocates who see it is a victory, without any thought as to the impact on small business.
I'm interested to hear your thoughts.
[edited by: oilman at 4:37 pm (utc) on June 15, 2004]
I don't share your alarm or astonishment.
I do run commercial websites and I am a consumer.
The law actually seems very rational and not all that demanding to small businesses. All it requires is to provide a page which describes how the personal information is used, then provide a conspicious link to that page.
it also does not require me to worry about third-party issues. In other words, if I run google adsense, I don't need to worry about how all of the advertisers are using any data they collect - that's their problem.
I'm sorry, but I don't see the dramatic costs involved.
What I see is a rational, simple approach to the issue: what the heck does that website do with the data that it asks me for?
The requirements are actually far less than the P3P specification demand. Cookie usage, for example, is not covered by this bill, but it is covered by P3P.
To me, this appears to be something that ALL web sites should be doing anyway.
As a small business owner, I don't see this as a big deal.
As a consumer, I am all for privacy policies - the shorter and matter-of-fact the better.
As a person who also has a day job managing a large corporate web site - I don't see it as a big deal either. Perhaps an afternoon to write a policy and a quick visit to the corporate attorney to be sure all is cool, then a few minutes to add it to the site and link it to the home page. Oh wait, we already did that!
Oh wait, we already did that!
Eh, I also....
No big deal. Actually, considering the source, I found the bill to be a pretty masterful job of writing toward an exact (as far as that's possible) objective.
I AM a privacy advocate. I LOVE the privacy strictures written into the "CrystalSinger" series by Anne McCaffrey: NO ONE may ask you questions about your SELF and involvements without running the VERY real risk of having hisser nose snapped off legitimately by a statement of "privacy, citizen!"
Wish it worked that way in real life. I'm seldom averse to VOLUNTEERING information, but I HEARTILY resent people and companies which TAKE information which is not freely offered.
There was another law that went into effect 2004-01-01 which has much more of an impact.
The California law, due to become effective on January 1, 2004 appears to pose the most problems for legal advertisers. It defines spam as email sent without direct consent or a pre-existing or current business relationship. But don't assume your opt-in or double opt-in subscribers automatically fit that category.
There are certain specific procedures that need to be in place on all online forms where consumer data is being collected.
When I set up my personal domain, which I use for most e-mail, I set up a catch-all address. Whenever I register for a site and an e-mail is required, I enter in firstname.lastname@example.org as the e-mail address. It will always get to me because of the catch-all forwarding.
I'm not based in California, so it won't affect me. But at least now, if a company that has my email is based out of california, I can gripe to government if they violate their policy.
I dunno, California has always kinda been the joke of the country to me ... like the little clumsy kid who trips and walks into walls and stuff. You just kinda pretend you didn't notice and try not to laugh. It's the perfect example of why liberal views don't work.
I'm interested to hear your thoughts.
I'm also mildly amused by the fact that it's called the California Online Privacy Protection Act of 2003 and it doesn't go into effect until the middle of 2004.
Your typical work-at-home mom selling home-made jewelry isn't going to be able to do it that fast. Figure a minimum of four, on up to six or eight hours.
Now repeat that (discounted because you don't have the big learning curve) when New York passes theirs, and New Jersey theirs, and so on and so on.
A day initially and a few hours every time a new state passes a privacy law adds up for a solo operator, especially when webmastering isn't their forte'.
And then what happens when they start passing advertising regulations and all kinds of other state-specific laws?
One doesn't seem like that big a deal, but it's a very, very slippery slope.
joined:Apr 25, 2002
The catchall with their address is brilliant. I have used some similar schemes for junk post (my middle name is the name of the company) but hadn't thought of that for email.
As for the 2003 act taking effect in 2004, I think that's typical in that the act is usually dated from the legislative session where enacted, not when it takes effect. I could be wrong though.
"Unsolicited commercial e-mail advertisement" means a
commercial e-mail advertisement sent to a recipient who meets both of
the following criteria:
(1) The recipient has not provided direct consent to receive
advertisements from the advertiser.
(2) The recipient does not have a preexisting or current business
relationship, as defined in subdivision (l), with the advertiser
promoting the lease, sale, rental, gift offer, or other disposition
of any property, goods, services, or extension of credit.