The Attorney General of California (“AG”) released a Joint Statement of Principles (“Joint Statement“) among itself and Amazon.com Inc., Apple Inc., Google Inc., Hewlett-Packard Company, Research In Motion Limited and other companies (collectively the “Mobile App Market Companies”) describing the terms of a settlement relating to the AG’s review of mobile application marketplace privacy protections.
The Joint Statement generally sets forth the following:
- Mobile App Market Companies will maintain a means for users to report App’s that do not comply with applicable terms of service and/or laws;
- Mobile App Market Companies will maintain a process for responding to reported instances of non-compliance with applicable terms of service and/or laws (without limiting law enforcement/regulatory rights to pursue actions); and
- Mobile App Market Companies will continue to work with the AG to develop best practices for mobile privacy in general and model mobile privacy policies in particular, and, within six months, will convene to evaluate privacy and education regarding mobile Apps.
In connection with the Joint Statement, the AG released a Mobile Applications and Mobile Privacy Fact Sheet which referenced a Wall Street Journal report stating “45 of the top 101 Apps did not provide privacy policies either inside the application or on the application developer’s website” despite 56 of the Apps transmitting unique identification information to third parties without consumer consent.
Although the Joint Statement isn’t legally binding, and applies only to California, mobile application providers should strategically reevaluate the transparency of their personal information collection practices and privacy policies since (a) conspicuous links to privacy policies at the time of purchase/installation may be interpreted as an affirmative obligation under the laws of other States and (b) CA (and its robust tech community) often serve as a thought leader providing legislation other states choose to implement.