June 3, 2020

June 02, 2020

Subscribe to Latest Legal News and Analysis

June 01, 2020

Subscribe to Latest Legal News and Analysis

California Enacts Anti-Bot and IoT Laws

On September 28, 2018, the Governor of California signed S.B. 1001 into law.  In the absence of a clear and conspicuous disclosure, the legislation makes it unlawful "for any person to use a bot to communicate or interact with another person in California online, with the intent to mislead the other person about its artificial identity for the purpose of knowingly deceiving the person about the content of the communication in order to incentivize a purchase or sale of goods or services in a commercial transaction or to influence a vote in an election."

A "bot" is statutorily defined as "an automated online account where all or substantially all of the actions or posts of that account are not the result of a person."  An "online platform" is defined as "any public-facing Internet Web site, Web application, or digital application, including a social network or publication, that has 10,000,000 or more unique monthly United States visitors or users for a majority of months during the preceding 12 months."  A duty is not imposed on service providers of online platforms, including, but not limited to, Web hosting and Internet service providers.

The law takes effect until July 1, 2019.  It will be enforced by the California attorney general and perhaps private plaintiffs via the state’s unfair competition law.

Also on September 28, Governor Brown approved California Senate Bill 327, making California the first state in the nation to regulate the security of the Internet of Things devices.  The law primarily focuses upon security features of IoT devices.  It requires the manufacturer to ensure that “reasonable” and appropriate security features are utilized, including remediating existing vulnerabilities.

The law applies to manufacturers of connected devices sold or offered for sale in California, or entities that contract with others to manufacture products on their behalf.  Exemptions include, without limitation, third-party software or applications that consumers may add to connected devices, and businesses already regulated by the Health Insurance Portability and Accountability Act of 1996.  

The IoT law takes effect on January 1, 2020.  It with be enforced California attorney general and district attorneys.  

© 2020 Hinch Newman LLP


About this Author

Richard Newman, FTC Defense Lawyer, Internet Marketing, Hinch Newman Law Firm

Richard B. Newman is one of the premier FTC advertising compliance and regulatory defense attorneys in the United States.  He regularly provides advertising counsel and represents clients in high-profile investigations (CIDs) and enforcement proceedings initiated by the Federal Trade Commission, state attorneys general, departments of consumer affairs, and other federal and state agencies with jurisdiction over advertising and marketing practices.  Richard also handles  transactional matters relating to the dissemination of national advertising campaigns, including the...