• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

California AG and Major App Store Platforms Announce Agreement On Privacy Policies For Mobile Apps while European Mobile Carriers Publish Privacy Guidelines for Mobile Apps

February 27, 2012 By Privacy, Cyber & Data Strategy Team

On February 22, 2012, California Attorney General Kamala D. Harris announced an agreement with the operators of the six major “app stores” to provide consumers an opportunity to review an app’s privacy policy before downloading the app. The deal with six companies, Amazon, Apple, Google, Hewlett-Packard, Microsoft and Research in Motion requires the app stores to present consumers with the privacy policy for any app that collects personal information.

None of the mobile carriers were involved in the California agreement. The reason for the agreement, according to the AG’s press release, was to bring mobile apps into compliance with the California Online Privacy Protection Act, Calif. Bus. And Prof. Codes,§ 22575-22579. The Act requires operators of commercial websites and “online services” who collect personally identifiable information about Californians to conspicuously post a privacy policy. According to the AG’s office, an “online service” would include a mobile app. According to the Attorney General, only five percent of all mobile apps have a privacy policy.

The agreement further commits the six companies to educate developers about consumer privacy, disclosing to consumers what private information they collect, how they use it and with whom it is shared. In addition, the app stores are to work to improve compliance with privacy laws by giving users tools to report non-compliant apps and collaborate with app developers to implement processes to respond to those reports.

A few days later, Europe’s largest mobile operators and a U.K.-based industry group unveiled voluntary privacy guidelines for mobile app development. These guidelines are for the carriers’ own branded apps, but are designed for all companies that collect and process mobile users’ personal information, including mobile operators, app developers, device makers, and platform providers. The main thrust of the guidelines is for the apps to inform users about what personal information an app will access, store or share, as well as their reasons for using the information. In addition, the guidelines say that an app should gain users’ explicit permission when collection of their information is not essential to the primary purpose of the app, when it shares their information with a third party and when information is retained after immediate use of an app.

“In order to maintain the strong growth in both the sales and popularity of mobile apps, customers need to be confident that their privacy is protected when they use them,” GSMA member Vodafone’s privacy officer Stephen Deadman said in a statement. “This is the responsibility of the entire mobile industry, and these guidelines set an important standard in defining what consumers should expect from their apps.”

Written by Bruce Sarkisian, Associate | Alston & Bird LLP

Filed Under: Uncategorized

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • Recent Exploits of Blockchain Bridges Highlight Need for Cybersecurity in Crypto and Risk of Liability
  • Germany’s Cyber Threat Landscape – Top 3 Lessons from the BKA Situation Report
  • CPPA Board Opposes American Data Privacy and Protection Act
  • SEC Settles Enforcement Actions with Broker-Dealers and Investment Advisors for Identity Protection Deficiencies
  • UK Information Commissioner’s Office Issues Warning on Ransomware Payments
Copyright © 2022 · Alston & Bird · All Rights Reserved. Privacy.