On August 26, the California legislature passed AB 370, which would require commercial websites and other online services such as mobile apps to include language in their privacy policies disclosing whether the service uses third-party vendors to track users across a network of other websites or online services, and how the users can opt out of such tracking using a centralized “do not track” signal or other mechanism. If signed by the governor, as expected, this bill would apply de facto to most websites and mobile apps by virtue of their accessibility in California, and would require revision of many privacy policies as a result.