California Warns Mobile Apps to Post Privacy Policies


Mobile app developers, take note: California Attorney General Kamala Harris has begun sending warning letters to approximately 100 mobile app developers, formally notifying them that their apps do not have privacy policies that comply with California law. Privacy protection has been a top priority for Attorney General Harris, and these warning letters are just the most recent example of her efforts.

The letters explain that the California Online Privacy Protection Act (CalOPPA) requires operators of commercial websites or online services (including mobile apps) that collect personally identifiable information about California consumers to post a privacy policy. The privacy policy must be "conspicuously" posted and "reasonably accessible" to consumers. The attorney general demanded that the mobile app developers respond within 30 days, describing their specific plans and time frame to comply with CalOPPA or explaining why they believe that their app is not covered by CalOPPA. She warned that violations may result in penalties of up to $2,500 per download of each app by California consumers.

This is not the first time that Attorney General Harris has signaled her concern over mobile apps' privacy policies. Last month she posted what may be the first attempt at privacy enforcement by tweet when she used Twitter to write to United Airlines, "Fabulous app, @United Airlines, but where is your app's #privacy policy?" In February 2012, she reached an agreement with six companies whose platforms comprise the majority of the mobile applications market: Amazon, Apple, Google, Hewlett-Packard, Microsoft, and Research In Motion. These companies agreed to a joint statement of privacy principles designed to ensure that mobile apps post privacy policies in compliance with CalOPPA. Facebook signed on to the joint statement in June 2012, thus adding the primary platform for social applications to the agreement.

The warning letters are yet another step toward positioning California as one of the most active enforcers of consumer privacy rights. In June 2012, Attorney General Harris announced the creation of a new Privacy and Enforcement Protection Unit (Privacy Unit) with the mission of protecting Californians' privacy rights through the civil prosecution of state and federal privacy laws. App developers that do not comply with CalOPPA risk becoming targets of the new Privacy Unit's first enforcement actions.

If you have received a warning letter from Attorney General Harris or have questions regarding your obligations under CalOPPA, please contact Tracy Shapiro at or (415) 947-2042; Lydia Parnes at or (202) 973-8801; Michael Rubin at or (650) 849-3311; or your regular Wilson Sonsini Goodrich & Rosati contact.

Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Wilson Sonsini Goodrich & Rosati | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.