Published on:

Does Your Mobile App Provide Reasonable Access to Your Privacy Policy?

The privacy practices of mobile applications (“Apps”) have been under scrutiny from a wide variety of domestic and foreign regulatory authorities of late. Most recently, California Attorney General Kamala D. Harris issued a press release regarding a new enforcement effort aimed at bringing mobile Apps into compliance with California’s Online Privacy Protection Act (“CalOPPA” or “Act”).

CalOPPA applies to any online service that collects personally identifiable information through the Internet about a California resident who uses or visits the online service. In other words — the Act appears to apply to the entire world wide web. And now that includes any mobile App that uses the Internet to collect personally identifiable information.
On October 30, 2012, the California Attorney General sent a series of letters to mobile App operators reminding them that CalOPPA requires that they conspicuously post a privacy policy that complies with specified requirements. She stressed that the privacy policy must be “reasonably accessible … for consumers of the online service.”

The Attorney General did not dictate how Apps could comply with the posting requirement. However, she did state that having a website with the applicable privacy policy conspicuously posted may be adequate, but only if a link to that website is “reasonably accessible” to the user within the App. She also warned that, under California’s unfair competition law, violations of CalOPPA may result in penalties of up to $2,500 for each violation. In the context of a mobile App, each copy of the unlawful App downloaded by California consumers would constitute a separate violation.

The California Attorney General’s action is another step towards requiring mobile Apps to provide consumers with the same sorts of privacy protections as they have come to expect when surfing the Web at home or work. What industry and regulators continue to struggle with is doing so in the unique environment of mobile devices.
Click here for a copy of California Attorney General Kamala D. Harris’ press release and a sample non-compliance letter.