CA Attorney General Enters Deal with Major Tech Companies on Privacy Policy for Apps

by Mike Mintz on March 5, 2012 · 0 comments

in Intellectual Property,Legal Technology

California Attorney General Kamala Harris recently reached an agreement with Apple, Google, Amazon, Microsoft, Hewlett-Packard and Research in Motion in which the six companies conceded that California law requires apps to have privacy policies.  They agreed tha they would require app developers who collect personal information to include these privacy policies. The overwhelming majority of the most-downloaded mobile apps currently do not have privacy policies. Ms. Harris pointed out that people who use these apps are not aware of how their personal information is being used. She indicated that the agreement with the six companies would give the consuming public the tools they need to protect their privacy.

Although the agreement was reached only recently, it is designed to enforce an eight-year old California statute requiring privacy policies.  Until recently it was unclear whether California law, which requires privacy policies from websites, also applied to apps.  Now, apparently, it has been decided that it applies to apps as well.

The deal does not state that the six companies will enforce the privacy policy requirements or that they will delete apps that do not comply with the privacy requirements.  California is responsible for enforcing the law, not the companies. However, the companies did agree to educate app developers on the requirements of the privacy policy statute.

As part of the deal, the companies agreed to continue monitoring by the Attorney General’s office with another meeting scheduled in six months to see what progress they made.

The companies participating in the deal had varying reactions.

Google, for example, would not reveal how it would enforce the rules on its Android smartphone. Instead a spokesman pointed out that Android has a system in place which informs customers what data is accessible to a particular app. Further, it requires approval from the consumer before an app can be installed. Google did allow that consumers of its apps will be given more ways to make informed decisions regarding their privacy.

Research In Motion took a co-operative stance, indicating that it would be working with the attorney general and the developers of apps to publicize their privacy policies.

Microsoft also expressed support for the deal reached with the attorney general, and claimed that it took the issue of consumer privacy most seriously.

Apple merely confirmed its participation in the deal while Amazon refused to comment. Hewlett-Packard would not respond to requests for comment.

The privacy policies provided on websites have proved to be worthless, and consumers do not pay them any attention. These policies contain broad, vague language replete with legalese which is designed to protect companies rather than to inform the consumer as to what information they are collecting.

The attorney general conceded that the aforementioned website privacy policies were obtuse and not something the average consumer could understand. She insisted that the privacy policies for apps would be far different-that they were going to be clear and understandable.  The attorney general reasoned that the requirement to have privacy policies in connection with apps would make the app developers think about what personal information they require be given by consumers and why they require it.  Furthermore, implementation of the privacy policy would allow her office to prosecute app developers that took or used consumer information in ways that violated the privacy policies.

A 2010 study by The Wall Street Journal of 101 popular apps revealed that over half the apps transmitted the smartphone’s unique ID to other companies without the consumers’ awareness or consent. A little less than half the apps transmitted the phone’s location and approximately five percent of the apps transmitted personal details of the consumers to third parties.

The California attorney general is not the only government official concerned about the privacy of mobile apps. The Federal Trade Commission is urging app developers for children to provide more information on their data collection practices. The agency plans to investigate whether apps violate child privacy laws.

The California attorney general, along with 35 other attorneys general, has also singled out Google’s privacy policy as most troubling.  They charged that Google’s new privacy policy, set to take effect this month, invades consumer privacy by automatically sharing the personal information consumers input into one Google product with all other Google products.

Google countered this charge by claiming that its new privacy policy will be clear and easier for the consumer to understand. It further claims that it is implementing increased notifications to consumers and that users will have control over how their services are used.

The new deal reached in California is only the beginning of what promises to be a knotty problem which will present new issues in the future in need of government regulation.

Add a Comment

Asterisks (*) indicate required fields.

Use of and participation in this website are subject to Terms & Conditions