California Mobile App Privacy Law

If you develop or offer mobile apps online, you must comply with the California mobile app privacy law regulations. Why? If you don’t, you will be fined $2,500 per user of your app by the California Attorney General.California Mobile App Privacy Law

California Law

The California Online Privacy Protection Act was signed into law in 2003. This law requires an operator of a commercial website or “online service” that collects personally identifiable information through the web to establish and conspicuously post a privacy policy.

Personal Information

Do you always have to comply with the California Online Privacy Protection Act? No. You are exempt if your app does not collect personally identifiable information from users. This information includes the user’s name, email address, telephone number, address, social security number or other information that can be used to identify an individual. This very broad, vague language would seem to suggest it is best to move forward with a privacy policy in nearly every situation.

Real Threat

Is this one of those news stories designed to scare you straight or is this something you really need to address in your business? It is a real threat. There is a sense the Attorney General, Kamala D. Harris, is seeking to build a political career on the topic of privacy. Her conduct so far in attempting to enforce the California Online Privacy Protection Act is supporting this notion.

The first assault by Harris was to strong arm most of the major app platforms to “voluntarily” institute coding making it easier to provide a link to a privacy policy prior to a person downloading an app. The companies she ensnared include Google, Apple, RIM, Amazon, Microsoft, and HP. Put another way, the Attorney General forced Google to change its conduct, unlike the FTC.

What about actual app developers? The assault has begun. The Attorney General sent out 100 notices to different developers recently regarding violations of the California Online Privacy Protection Act. If you are reading this, you might be one of them. Regardless, more notices should be going out each month as Harris has formed a team of attorneys to prosecute app developers on this issue.


Let me be blunt. The financial implications of failing to comply with the privacy requirements of California for an app are devastating. The fine is $2,500 per user. An app with a mere 1,000 downloads that fails to comply with the law would face a fine as high as $2.5 million. Now do I have your attention?

mobile app lawNot In California

What if your app business isn’t located in California? It doesn’t matter. The way the law is written, you must comply as long as a single resident of California downloads your app. Given the population of the state, it is difficult to imagine a scenario where an app would be offered on iTunes or some other platform without at least one person from California being a user.

In Closing

Fortunately, the solution to this scenario is straightforward. A privacy policy compliant with the numerous California privacy laws [there are a number of them] must be developed for each app being offered to the public and then incorporated into the app. Contact me today to get into compliance and avoid the attention of the Attorney General.

Richard A. Chapo, Esq.