California cracks down on mobile app privacy violators


California Attorney General Kamala Harris plans to penalize mobile application developers and the companies behind apps that infringe on mobile device users' privacy, if they do not make changes.

She began Oct. 29 formally notifying violators of the state's privacy law, giving them 30 days to conspicuously post a privacy policy within their app, according to an Oct. 30 statement. The policy must state what personally-identifiable information is collected through the app and how it is used.

"Protecting the privacy of online consumers is a serious law enforcement matter," said Harris in the statement. "It is critical that we take all necessary steps to enforce California's privacy laws."

In the first round of mailings, the state will send notices to up to 100 non-compliant apps, starting with the most downloaded.

Business and Professions Codes §§ 22575-22579, which were enacted as part of 2003's California Online Privacy Protection Act, require websites and online services that collect PII and "conspicuously post" privacy policies and give users the opportunity to read the policy before downloading.

Under the law, companies can face fines of up to $2,500 each time a non-compliant app is downloaded, says the attorney general's office.

According to the Los Angeles Times, United, Delta and Open Table are just some of the companies that received letters from Harris notifying the companies that their mobile apps are in violation of Calif. privacy laws.

For more:
- read the Calif. Justice Department press release
- download a sample non-compliance letter

Related Articles:
California governor vetoes location data legislation
White House: 'Consumer Privacy Bill of Rights' a step toward do not track legislation
Audio: White House, Commerce, FTC officials discuss online privacy initiative