What’s so iAWFUL?

California’s legislature pursued nine separate privacy bills targeting the heart of the state’s world-leading tech industry.  It almost seems as if California legislators are competing for the honor of chasing their golden goose out of the Golden State.

(AB 242), (AB 257), (AB 319), (AB 370), (SB 467), (SB 501), (SB 568), (AB 658), (AB 1291)

This year saw a cluster of privacy bills in California that threaten the growth of online interaction and innovation – the golden goose of the state’s economy.  One bill requires all online privacy policies to be less than 100 words (the bill itself, AB 242, is over 500 words).  Another bill (SB 501) would require exactly the opposite – a lengthier privacy disclosure.

Making it harder to keep services free: Of the online services generated by California’s innovative firms, advertising is what makes most of them free for Internet users.  Advertising works when websites can match ads to users’ interests. But legislation designed to protect privacy could make it much harder to learn and retain users’ interests – even interests that aren’t linked to any person’s identity.  AB 257 creates massive, unprecedented limitations on how mobile apps can monetize their free products – which could make you pay for otherwise free apps.

Regulating privacy policies: AB 242 limits privacy policies to 100 words.  While the idea of simplifying privacy policies may be a good one, it is impossible to convey all important privacy information to users in less than 100 words.  To put things in perspective, the bill itself is over 500 words long.  But we shouldn’t try to make privacy policies longer like SB 501 would.

Limiting retail stores’ advertising ability: AB 319, for example, would make it impossible for a supermarket to use emails to advertise its weekly specials to a 17 year-old if the email includes an ad for wine.

Conflicting with other laws: AB 370 that would impose broad limits on internet advertising in the name of cracking down on consumer “tracking.” But this bill conflicts with both a federal Do Not Track legislative process, and a massive non-governmental effort to address the issue through technology.  SB 467 prevents online services from making disclosures required by other states’ laws.

There is still time for California to pull back and keep that golden goose laying more high-paying jobs and paying more into state tax coffers.  But Sacramento legislators need to get a grip – and soon.


Some signs of progress appear as California legislators learn more about the unintended consequences of their bills. AB 1291, which would have force new reporting requirements on things as benign as a session cookie on the smallest of internet companies, is spending another year in consideration.

But the rest of these bills remain threats to the internet.



Avoiding the Do-Not-Track Arms Race


Media Post – “Calif. Lawmaker Withdraws Controversial Privacy Bill — For Now”

MediaPost – “California Considers Law Giving Consumers Access To Their Marketing Profiles”

Computer World  – “California AG: Mobile apps should limit data collection”


The iAWFUL reflects the editorial views of the Executive Director of NetChoice and does not necessarily reflect the views of all NetChoice members.

Back to iAwful list