Barely six weeks into the new year and already we are seeing numerous bills introduced in the state legislatures. These bills are wide ranging, and address topics such as data breach notification, written information security policies, privacy policies, and use of social security numbers, among others.  Perhaps one of the more intriguing bills is California Assembly Member Chau’s proposal AB 242 (introduced on Feb. 6), which would to require websites to post privacy policies no greater than 100 words. Under California’s current law, websites that collect personally identifiable information (“PII”) about California consumers are required to post a privacy policy regarding their information collection and disclosure practices. The bill would require such privacy policies to be written in clear and concise language, at no greater than an 8th grade level, and to include a statement regarding whether the PII would be sold or shared with others — and all in 100 words {this post is 149 words so far}.

Continuing on California’s focus on mobile applications, Assembly Member Hall introduced a bill to impose obligations on mobile applications. As proposed, the bill would require mobile apps to satisfy specified privacy requirements, procedures to allow consumers to access their own PII, safeguards to protect PII, and a requirement that the operator provide a supplemental privacy notice if an application collects information that is not essential to the app’s primary functions. The bill also would establish specified requirements regarding the display of advertisements on mobile apps.

2013 is certain to be a busy year in the privacy space.