magnifying glass book-thumb-100x62-14871.jpgMobile application (“app”) developers, both the ones who write the code and the ones whose services or goods are being sold, may need to comply with a patchwork of state laws. A Connecticut or Massachusetts company has a nationwide reach when it offers an app for download in the Apple App Store, Google Play, or Windows Store. One of the laws that may apply is the California Online Privacy Protection Act (“CalOPPA”), Cal. Bus. & Prof. Code §§ 22575-22579. That law requires an online service operator that collects personally identifiable information (“PII”) to conspicuously post a specific type of privacy policy.

While many website developers and online merchants are familiar with that law regarding traditional websites and mobile versions of those sites, there has been an oversight in compliance regarding mobile apps. This week, the California Attorney General, Kamala D. Harris, began notifying many large companies, reportedly including United Continental, Delta, and OpenTable, that their apps are non-compliant. A sample of Attorney General Harris’s letter will automatically download here.

Violation of CalOPPA may result in a claim under California’s Unfair Competition Law, Cal. Bus. & Prof. Code § 17206(a), with penalties up to $2,500 per violation. A violation may include each download of an app. An app that has had but 1,000 downloads without a conspicuous privacy policy could result in a $2.5 million penalty. App Developers should consult with counsel to review their compliance with CalOPPA and other applicable laws.