Time runs out for apps to post privacy policies or face fines in California


Time has run out for mobile application developers to post conspicuous privacy policies within their apps or face thousands of dollars in fines from California's Justice Department.

California Attorney General Kamala Harris began formally notifying violators of the state's privacy law on Oct. 29 that they had 30 days to post a privacy policy--or face a fine of up to $2,500 each time a noncompliant app is downloaded.

The state DOJ can fine app operators under California's 2003 California Online Privacy Protection Act. The law applies to any online service that collects personally identifiable information about users in California. It exempts third parties that host or manage an app but don't own it.

The required privacy policy must state what personally identifiable information is collected through the app and how it is used.

In its October announcement of its plans to enforce the law, the attorney general's office said it would first send letters to up to 100 noncompliant apps, starting with the most popular.

The editorial board of the San Francisco Chronicle, supportive of the move, wrote on Dec. 3 that "an overwhelming majority of app makers contacted agreed to provide clearer privacy warnings."

Others did not though, the editorial says, and may be fined.

For more:
- go to the attorney general's office's Oct. 30 announcement
- go to the San Francisco Chronicle editorial

Related Articles:
California cracks down on mobile app privacy violators
California governor vetoes location data legislation
White House: 'Consumer Privacy Bill of Rights' a step toward do not track legislation