Reader mail: California Online Privacy Protection Act Question

A reader wrote in with a question about the California Online Privacy Protection Act of 2003:

I have been visiting a number of DIY privacy template sites and I realize that I have no idea what info the server I'm hosting on collects, nor their policies for opting out, etc - nor how to find out. I do have a web analysis page, but I never could understand a single thing they were talking about, above the level of whether or not Monday was busier than Friday.

Got any ideas/tips/help?

Well, it probably doesn't matter what info the server you're hosting on collects, if they collect any at all. The California Online Privacy Protection Act only applies to information that allows you to uniquely identify the individual user, so their IP address, which is the only thing your hosting company would probably be detecting. This law would apply if and only if you, the operator, are collecting your visitors' name, e-mail addresses, and other things that allow you to identify the actual person.

So, it applies to anyone who has a newsletter and is signing anyone from California up via their website, which is a whole lot of small Web site operators. But if you, the site operator, aren't collecting that kind of information from them, it doesn't apply. All the information that your host is collecting to give you your traffic reports doesn't allow you to uniquely identify the visitor, so it's not covered by this law.

If this does affect you, for a more detailed analysis of the law and guidelines for creating a compliant privacy policy click here.

Thanks for the question!