California Warns Mobile Apps to Post Privacy Policies


Mobile app developers, take note: California Attorney General Kamala Harris has begun sending warning letters to approximately 100 mobile app developers, formally notifying them that their apps do not have privacy policies that comply with California law. Privacy protection has been a top priority for Attorney General Harris, and these warning letters are just the most recent example of her efforts.

The letters explain that the California Online Privacy Protection Act (CalOPPA) requires operators of commercial websites or online services (including mobile apps) that collect personally identifiable information about California consumers to post a privacy policy. The privacy policy must be "conspicuously" posted and "reasonably accessible" to consumers. The attorney general demanded that the mobile app developers respond within 30 days, describing their specific plans and time frame to comply with CalOPPA or explaining why they believe that their app is not covered by CalOPPA. She warned that violations may result in penalties of up to $2,500 per download of each app by California consumers.

This is not the first time that Attorney General Harris has signaled her concern over mobile apps' privacy policies. Last month she posted what may be the first attempt at privacy enforcement by tweet when she used Twitter to write to United Airlines, "Fabulous app, @United Airlines, but where is your app's #privacy policy?" In February 2012, she reached an agreement with six companies whose platforms comprise the majority of the mobile applications market: Amazon, Apple, Google, Hewlett-Packard, Microsoft, and Research In Motion. These companies agreed to a joint statement of privacy principles designed to ensure that mobile apps post privacy policies in compliance with CalOPPA. Facebook signed on to the joint statement in June 2012, thus adding the primary platform for social applications to the agreement.

The warning letters are yet another step toward positioning California as one of the most active enforcers of consumer privacy rights. In June 2012, Attorney General Harris announced the creation of a new Privacy and Enforcement Protection Unit (Privacy Unit) with the mission of protecting Californians' privacy rights through the civil prosecution of state and federal privacy laws. App developers that do not comply with CalOPPA risk becoming targets of the new Privacy Unit's first enforcement actions.

If you have received a warning letter from Attorney General Harris or have questions regarding your obligations under CalOPPA, please contact Tracy Shapiro at or (415) 947-2042; Lydia Parnes at or (202) 973-8801; Michael Rubin at or (650) 849-3311; or your regular Wilson Sonsini Goodrich & Rosati contact.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Wilson Sonsini Goodrich & Rosati | Attorney Advertising

Written by:


Wilson Sonsini Goodrich & Rosati on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.