- Emergency Consultation Services
- Risk Management Services
- Who We Are
- Our People
- What We Do
- Why We Are Different
- What’s New
- Where We Are
By: Robert Buckley
California Attorney General Rob Bonta’s recent press release puts companies that are subject to the California Consumer Privacy Act (the “CCPA”) on notice that they should determine whether their mobile apps comply with the CCPA’s requirements. On January 27, 2023, Attorney General Bonta announced an “investigative sweep” that involved “sending letters to businesses with mobile apps that fail to comply with” the CCPA and in particular, apps in the retail, travel and food service industries that “allegedly fail to comply with consumer opt-out requests or do not offer any mechanism for consumers who want to stop the sale of their data.” Part of the sweep also addressed “businesses that failed to process consumer requests submitted via an authorized agent,” such as Permission Slip. Attorney General Bonta indicated that the sweep was particularly focused on mobile app compliance, “given the wide array of sensitive information that these apps can access from our phones and other mobile devices.”
Given the proliferation of mobile app use, businesses should remain cognizant of their data collection practices and obligations they may have to ensure their mobile apps comply with the CCPA’s requirements. Businesses subject to the CCPA are required to provide a mechanism for California residents to opt out of their data being shared and sold as well as for them to request the company delete personal information collected about them. Failure to comply with the CCPA could lead to adverse consequences for a business, and the release referred to an August 2022 settlement in which a company had to pay $1.2 million in penalties and comply with certain injunctive terms.
The CCPA was recently amended by the California Privacy Rights Act of 2020 (the “CPRA”) and enforcement of the CPRA is set to begin July 1, 2023.