Sam Brotman, JD, LLM, MBA September 30, 2013 6 min read

Privacy Issues that Arise for Startups Doing Business in or with the Residents of California


Sam Brotman, JD, LLM, MBA

Owner and Director of Legal
Brotman Law

As in many other areas of law, the State of California has been on the front line of bringing about aggressive changes in the laws concerning protection for online consumers. The economic power and size of California, in addition to being the primary locus for much of the startup activity in the technological world, means that the cost of doing business for many companies includes compliance with California privacy law. Many elements of privacy protection, which are merely recommended by the Federal Trade Commission and other regulatory bodies, are required by statute in California. A prime example is the Online Privacy Protection Act. Technology law scholars, Richard Raysman and Peter Brown, note that the law “requires that any collection of personally identifiable information from California residents through a Web site or online service for commercial purposes be done pursuant to a conspicuously posted privacy policy.” [1] Federal law creates no such requirement for disclosure.

In January of 2005, the state also passed the California Security of Information Law, which specifies businesses must ensure that personal information (defined by statute as name, driver license, Social Security Number, and any financial account numbers including credit cards) is properly protected. Although certain sections of this law has been preempted by federal information security regulations (under HIPAA, Gramm-Leach-Bliley Act, Fair and Accurate Credit Transactions Act, etc…), much of it is still in effect. In addition, Cal. Civ. Code § 1798.81.5, mandates that companies mandate appropriate security measures to protect personal information from unauthorized disclosure.[2] California also has more stringent requirements about the disclosure of information to direct marketers and, pursuant to Cal. Civ. Code § 1798.81.5, requires specific provisions in contracts between companies and thirds parties where private personal information will be communicated to a third party.

Furthermore, under Cal. Civ. Code § 1798.82, companies are liable for security breaches that occur as a result of third party service providers. Business must promptly notify California residents when their personal information was potentially compromised, whether or not they have any actual liability for the breach. Required disclosures for when breaches occur included specific information about the type of breach that occurred and the timing of the breach.[3] The state has assembly has since softened the notice requirement by allowing an entity to provide substitute notice by posting information about the breach on the company’s website. This measure has significantly reduced the cost of notice for startups and small businesses, but the cost of assessing the breach and what specific information was compromised still remains. California was also the first state to establish a centralized method of reporting, recording and cataloging security breaches.

Go to Brotman Tax Resolution Services

Go to The Brotman Virtual Law Office

Go to Resource Blog Homepage

[1] Richard Raysman and Peter Brown, Computer Law: Drafting and Negotiating Forms, CLDNF § 15.02 (2009).

[2] Jeffrey D. Neuburger, Technology, The Internet and Electronic Commerce: Staying Interactive in the High-Tech Environment, A Summary of Recent Developments in the Law. 927 PLI/Pat 699, (February-April 2008)

[3] Cal. Civ. Code §1798.83 et seq.

"Sam is a wonderful, results-oriented and extremely knowledgeable and talented attorney, who really has 'heart' in working on behalf of his clients, and explains options in a straightforward, respectful manner. He has assisted us with great outcomes which have added to our quality of life. I would not hesitate to recommend Sam for his services as he is an ethical, personable and expert attorney in his field. You will likely not be disappointed with Sam's work ethic, approach and his efforts."

-Aileen Dwight, Licensed Clinical Social Worker & Psychotherapist

Last updated: May 18, 2024

Receive the Best of
Brotman Law

Get this topic delivered straight to your inbox.

New call-to-action

Sam Brotman, JD, LLM, MBA

Owner and Director of Legal
Brotman Law



Our best stuff: secrets, tax saving tools, and tax defense strategies from the braintrust at Brotman Law.

  • Expanded benefits during your first consultation with the firm.
  • Priority appointment scheduling and appointment times.
  • Complementary access to our firm’s concierge services.
  • Receive updates and “insider only” tax strategies and tactics.
  • And many more benefits.

Not Sure Where to Start?

Step 1 Start Here

Start Here

These ten big ideas will change the way you think about your taxes and your business.

Start Here

Step 2 Learn About Your Situation

Learn About Your Situation

Find the articles and videos you need to make the right tax decisions in the learning center.

Visit the Learning Center

Step 3 Explore Our Services

Explore Our Services

It is not just about what we do, but who we are, why we do it, and how that benefits you.

View All Services

Step 4 Get Your Game Plan

Get Your Game Plan

Meet with us to outline your strategy. No further obligation, 100% money-back guarantee.

Book an Action Plan