Delaware recently enacted four privacy laws–the Online and Personal Privacy Protection Act (DOPPA), the Student Data Privacy Protection Act (SDPPA), the Victim Online Privacy Act (VOPA) and the Employee/Applicant Protection for Social Media Act (ESMA).
DOPPA prohibits website operators from marketing material to minors that may “appeal to the prurient, shameful, or morbid interest of minors” including alcohol, tobacco, firearms, electronic control devices, fireworks, tanning equipment or facilities, dietary supplements, lottery, Internet gambling or lottery, body piercing, branding, tattoos, drug paraphernalia, or tongue splitting.
Finally, DOPPA protects the personal information of digital book services by prohibiting the book service to disclose users’ information to law enforcement, the government or other third parties except under certain circumstances. This law becomes effective on January 1, 2016.
SDPPA is modeled after California’s Student Online Personal Information Privacy Act. It prevents operators of websites, online or cloud computing services, mobile services and mobile apps from selling or using student data for targeted marketing or to amass student data into a profile that can be used for non-educational purposes. The law becomes effective on August 1, 2016.
VOPA prohibits the public posting or display of any identifiable information of victims of crime. The prohibition includes the victim’s address or telephone number. Criminal penalties apply if the law is violated, and aggrieved persons can also seek civil damages. This law becomes effective 90 days after its passage (August 7, 2015).
ESMA is similar to other state laws that have recently been enacted prohibiting employers from requiring employees or applicants to disclose their passwords or account information to social media sites to the employer.