Data Security Law Journal Focusing on legal trends in data security, cloud computing, data privacy, and anything E

Where’s Your Privacy Policy?

Posted in Data Privacy, FTC

Regulators increasingly want to know what companies are telling consumers about how the companies are using information about their consumers.  Companies that do not properly explain how they collect, store, and use their customers’ information are facing increased scrutiny.  Nowhere is this increased scrutiny move evident than in the $22.5 million civil penalty that the FTC levied against Google, or the FTC’s complaint and decision against Facebook.

Now, the Office of the Attorney General for the State of California has weighed in by cracking down on companies that do not include privacy policies in their mobile apps.  In a recent press release, California Attorney General Kamala Harris announced that her office has begun formally notifying up to 100 mobile application developers and companies that they are not in compliance with California privacy law.  According to Bloomberg, some of these companies receiving letters include United-Continental, Delta Air Lines, and Open Table.

The law that the Attorney General is referring to is the California Online Privacy Protection Act, which requires commercial operators of online services who collect personally identifiable information from California residents to conspicuously post a privacy policy.  Companies that violate this law face fines of up to $2,500 each time the non-compliant app is downloaded.

Amazon, Apple, Facebook, Google, Hewlett-Packard, Microsoft, and Research in Motion, as platforms for mobile applications, all agreed to privacy principles earlier this year that allow consumers to review an app’s privacy policy before they download the app rather than after.  The companies also agreed to offer consumers a consistent location for an app’s privacy policy on the application-download screen in the platform store.

So what is the takeaway?  If you collect information about individuals, make sure you have a clear privacy policy.  Make sure the policy is placed in a location that makes it easy to find.  If you offer a mobile app, try to work with your mobile app platform to provide the privacy policy to consumers before they download the app.  It’s also a good idea to update your privacy policy periodically to ensure it remains current with your company’s information collection practices.

When was the last time your company took a fresh look at its privacy policy?

 

DISCLAIMER:  The opinions expressed here represent those of Al Saikali and not those of Shook, Hardy & Bacon, LLP or its clients.  Similarly, the opinions expressed by those providing comments are theirs alone, and do not reflect the opinions of Al Saikali, Shook, Hardy & Bacon, or its clients.  All of the data and information provided on this site is for informational purposes only.  It is not legal advice nor should it be relied on as legal advice.