CA Internet Privacy Act - AB 375 (Chau)

Internet Service Providers should ASK US FIRST before sharing our confidential Data

Key Provisions

  • Puts consumers in control of our personal information by prohibiting an Internet Service Provider (ISP) using, disclosing, selling or permitting access to our data, except as required to provide the internet connection for which we subscribe.
  • Broadly protects customer personal information, including name, address, email address, financial, health, and geolocation information, online activities and web browsing history.
  • Prohibits ISPs from charging a consumer more for privacy protection or offering a discount for approving privacy invasion.
  • Requires that the mechanism for obtaining and revoking a consumer’s information sharing consent shall be clear and conspicuous, not misleading, and persistently available at no additional cost.
  • Grants consumers the right to opt-out of allowing the provider to use personal information for marketing of its own communications-related services.   
  • Requires providers to maintain reasonable security procedures and practices.
  • Applies to Broadband Internet Service Providers who connect us to the internet and who can see everything we do online, including AT&T, Verizon, Comcast, Charter Communications and other ISPs.
  • Allows ISPs to use their customers’ information only in appropriate ways
  • Authorizes providers to access to customer personal information without consent under specific circumstances, such as to provide internet services, legal compliance, security and fraud prevention, and emergency services.
  • Allows providers to aggregate customer information into anonymous data sets that contain no individually identifiable data, and use, disclose, sell or permit access to the aggregate data.
  • Applies to internet service providers operating within California and serving California residents.

Learn More