Does Your Mobile App Provide Reasonable Access to Your Privacy Policy?

On October 30, 2012, California Attorney General Kamala D. Harris issued a press release regarding a new enforcement effort involving California’s Online Privacy Protection Act,  Cal. Bus. & Prof. Code §§ 22575-22579 (“CalOPPA”). CalOPPA requires that “an operator of a commercial Web site or online service that collects personally identifiable information through the Internet about individual consumers residing in California who use or visit its commercial Web site or online service” conspicuously post a privacy policy that complies with specified requirements. In the case of an online service, the privacy policy must be “reasonably accessible … for consumers of the online service.” An operator of a mobile application (“App”) that uses the Internet to collect personally identifiable information is an “online service.” An App’s commercial operator will be required to conspicuously post its privacy policy so that it is reasonably accessible to the consumer. The AG confirmed that, having a website with the applicable privacy policy conspicuously posted may be adequate, but only if a link to that website is “reasonably accessible” to the user within the App. The AG warned that, under California’s unfair competition law, violations of CalOPPA may result in penalties of up to $2,500 for each violation, i.e., for each copy of the unlawful App downloaded by California consumers. Click here for a copy of the California Attorney General Kamala D. Harris’ press release and a sample non-compliance letter.