Apple v. Super. Ct.

Internet: online privacy in California: finally, the California Online Privacy Protection Act of 2003 (COPPA) shows that the Legislature knows how to make clear that it is regulating online privacy and that it does so by carefully balancing concerns unique to online commerce.  COPPA provides that “an operator of a commercial Web site or online service that collects personally identifiable information through the Internet about individual consumers residing in California who use or visit its commercial Web site or online service shall conspicuously post its privacy policy on its Web site . . . .”  (Bus. & Prof. Code, § 22575, subd. (a).)  The privacy policy must: “(1) Identify the categories of personally identifiable information that the operator collects through the Web site or online service about individual consumers who use or visit its commercial Web site or online service and the categories of third-party persons or entities with whom the operator may share that personally identifiable information. (2) If the operator maintains a process for an individual consumer who uses or visits its commercial Web site or online service to review and request changes to any of his or her personally identifiable information that is collected through the Web site or online service, provide a description of that process.  (3) Describe the process by which the operator notifies consumers who use or visit its commercial Web site or online service of material changes to the operator’s privacy policy for that Web site or online service. (4) Identify its effective date.”  (Bus. & Prof. Code, § 22575, subd. (b).)

COPPA requires online retailers to “conspicuously post” their privacy policies, to disclose “the categories of personally identifiable information” they collect, and to identify “the categories of third-party persons or entities with whom they may share that personally identifiable information.”  (Bus. & Prof. Code, § 22575, subds. (a), (b).)  If a consumer is not satisfied with the policy of a particular retailer, he or she may decline to purchase a product from that retailer.  The Legislature could have reasonably believed that its disclosure regime creates significant incentives, in light of consumer preferences, for online retailers to limit their collection and use of personally identifiable information.

Federal law also provides some degree of protection against the use of personal identification information for unwanted commercial solicitation.  The Telephone Consumer Protection Act of 1991 (TCPA; Pub.L. No. 102–243 (Dec. 20, 1991) 105 Stat. 2394) was enacted “to protect the privacy interests of residential telephone subscribers by placing restrictions on unsolicited, automated telephone calls to the home and to facilitate interstate commerce by restricting certain uses of facsimile . . . machines and automatic dialers.”  (Sen.Rep. No. 102-178, 1st Sess., p. 1, reprinted in 1991 U.S. Code Cong. & Admin. News, p. 1968; see 47 U.S.C. § 227.)  “The TCPA instructs the Federal Communications Commission to issue regulations ‘concerning the need to protect residential telephone subscribers’ privacy rights to avoid receiving telephone solicitations to which they object.”  (Charvat v. NMP, LLC (6th Cir. 2011) 656 F.3d 440, quoting 47 U.S.C. § 227(c)(1).)  “In 2003, two federal agencies — the Federal Trade Commission (FTC) and the Federal Communications Commission (FCC) — promulgated rules that together created the national do-not-call registry.  [Citations.]  The national do-not-call registry is a list containing the personal telephone numbers of telephone subscribers who have voluntarily indicated that they do not wish to receive unsolicited calls from commercial telemarketers.  Commercial telemarketers are generally prohibited from calling phone numbers that have been placed on the do-not-call registry, and they must pay an annual fee to access the numbers on the registry so that they can delete those numbers from their telephone solicitation lists.”  (Mainstream Mktg. Servs. v. FTC (10th Cir. 2004) 358 F.3d 1228, 1233–1234, fns. omitted.)  Thus, federal legislation limits the commercial use of customer telephone numbers (Cal. S. Ct., S199384, 04.02.2013, Apple v. Super. Ct.).

Internet : protection des données et Internet en droit californien : la loi de 2003 à ce sujet dispose que l'opérateur d'un site Internet commercial qui recueille des informations personnelles identifiables par le biais d'Internet au sujet de consommateurs individuels domiciliés en Californie qui utilisent ou visitent son site Internet commercial doit indiquer de manière apparente sa politique en matière de protection des données sur dit site Internet. Dite politique en matière de protection des données doit : (1) identifier les catégories d'informations personnelles que l'opérateur recueille par son site Internet au sujet des consommateurs individuels et indiquer les catégories d'entités tierces avec lesquelles ces informations sont partagées; (2) indiquer si l'opérateur maintient une procédure par laquelle le consommateur peut vérifier ses données personnelles précitées et en demander la modification; si une telle procédure est en place, sa mise en œuvre doit être expliquée; (3) décrire la procédure par laquelle l'opérateur annonce au consommateur une modification de sa politique en matière de protection des données; (4) divulguer les dates auxquelles dite politique est en vigueur.

Le droit fédéral apporte également un certain degré de protection contre l'usage de données personnelles à des fins de sollicitations commerciales indésirables. Une loi de 1991 protège contre des appels téléphoniques non sollicités et automatiques. Un registre "do-not-call" fut établi pour protéger le consommateur contre le télémarketing.