California AG Pursues App Crack Down
28 November 2012
California attorney general Kamala D Harris has started to formally notify scores of mobile application developers and companies that they are not in compliance with California privacy law.
The companies were given 30 days to conspicuously post a privacy policy within their app that informs users of what personally identifiable information about them is being collected and what will be done with that private information. Letters will be sent out to up to 100 non-compliant apps at this time, starting with those who have the most popular apps available on mobile platforms.
“Protecting the privacy of online consumers is a serious law enforcement matter,” said Harris. “We have worked hard to ensure that app developers are aware of their legal obligations to respect the privacy of Californians, but it is critical that we take all necessary steps to enforce California’s privacy laws.”
The letters are the first step in taking legal action to enforce the California Online Privacy Protection Act, which requires commercial operators of online services, including mobile and social apps, which collect personally identifiable information from Californians to conspicuously post a privacy policy. Companies can face fines of up to US$2,500 each time a non-compliant app is downloaded.
The action follows an agreement the attorney general forged among seven leading mobile and social app platforms to improve privacy protections for millions of users around the globe who use apps on their smartphones, tablets, and other electronic devices. Those platforms – Amazon, Apple, Facebook, Google, Hewlett-Packard, Microsoft, and Research in Motion – agreed to privacy principles designed to bring the industry in line with California law requiring mobile apps that collect personal information to have a privacy policy. The agreement allows consumers the opportunity to review an app’s privacy policy before they download the app rather than after, and offers consumers a consistent location for an app’s privacy policy on the application-download screen in the platform store.
The California Online Privacy Protection Act is one of the privacy laws that the Privacy Enforcement and Protection Unit is charged with enforcing. Created in 2012, the Privacy Unit’s mission is to enforce federal and state privacy laws regulating the collection, retention, disclosure, and destruction of private or sensitive information by individuals, organizations, and the government. This includes laws relating to cyber privacy, health privacy, financial privacy, identity theft, government records and data breaches.
