Mobile App Developers Targeted By The California Attorney General’s Office

Yesterday, the California Attorney General announced that it has started sending notices of non-compliance to numerous mobile app developers, notifying them that their mobile apps were not compliant with California’s Online Privacy Protection Act, Cal. Bus. & Prof. Code §§ 22575-22579. The law requires operators of online sites and services that collect personal information about California residents to post a privacy policy that complies with specified requirements, including for the privacy policy to be posted conspicuously and reasonably accessible. The Attorney General’s letters explained that, to satisfy the law, at a minimum, a link to the app’s privacy policy needed to be conspicuous and reasonably accessible” to the user within the app. The Attorney General notices are prompting the app developers to make necessary changes within 30 days. The state law provides for penalties of up to $2,500, which the Attorney General notices asserted could apply each time a non-compliant mobile app is downloaded.

This latest development follows the agreements reached earlier in the year between the Attorney General’s Office and Facebook, Amazon, Apple, Google, Hewlett-Packard, Microsoft, and Research In Motion, to improve privacy protections on mobile apps. The agreement included efforts to provide a way for privacy policies to be posted in a consistent location for apps, for the privacy policy to be reviewed prior to download, and for app users to report apps that do not comply with laws or the applicable terms of service.

A copy of the letter that the California Attorney General’s Office sent to mobile app developers can also be found here.