The “Privacy Rights for California Minors in the Digital World Act” came into effect as of January 1, 2015. Business & Professions Code §22581 creates a “right of erasure” which has numerous similarities with the “right to be forgotten” or “right of erasure” that is written into the proposed EU Data Protection Regulation.
The California law requires an operator of an internet website, online service, online or mobile application (web service) who has actual knowledge that minors are using its service to permit a minor who is a registered user of that web service to request and obtain the removal of content or information posted on the web service by that user.
The web service must inform its users of this right to remove or obtain the removal of content or information and provide clear instructions on how a user may remove or request and obtain the removal of such content or information.
The law only applies to content or information that the user has posted on the web service. It does not address content or information posted by a third party. Only content posted by users themselves can be removed at the request of the user.
The law does not address content posted by third parties, such as “revenge porn.” The law provides for several exceptions to this right of erasure. They include, among others, where the content has been anonymized, where the minor has received compensation or consideration for providing the content, and where applicable law requires the web service to maintain the content or information.
A web service is deemed compliant with the law if it renders the content or information no longer visible to other users, even if the content or information remains on the web service’s servers in some form.