E Point Perfect – Interesting and beneficial content
Law \ Legal

California Enforcement Sweep Targets Mobile Apps


On Friday, January 27, California Attorney General Rob Bonta announced an investigative sweep of businesses that provide mobile apps, issuing warning letters to those that AG Banta alleges failed to comply with the California Consumer Privacy Act (CCPA).  This sweep focused specifically on “popular retail, travel, and food service industry apps” that failed to comply with consumer opt-out requests or otherwise failed to offer mechanisms for consumers to stop the sale of their personal information.   

While investigative sweeps have been fairly common of late, every business with a mobile app should pay particular attention to this sweep because it involves honoring an authorized agent in the form of a third party application for submitting requests.  In addition to the general focus on mobile apps that did not offer a mechanism to opt out of the sale of personal information, the sweep also focused on mobile apps that could not process requests submitted through authorized agents—including those sent by the mobile app “Permission Slip.”  Permission Slip is an app that files requests on users’ behalf, instructing companies to stop selling data.

Much like the requirement to recognize the Global Privacy Control (GPC) on websites, which was the focus of the California Attorney General’s Sephora action, businesses with mobile apps now have to ensure that they can recognize and process automated requests submitted through the Permission Slip app. This sweep adds another layer of complexity for businesses attempting to implement their CPRA compliance efforts.

For more information, please see the Attorney General’s press release, available here, as well as the Permission Slip app, available here.


Source link

Related posts

All or Nothing. Why Lawyers Need to Be Passionate About Rainmaking By Steve Fretzin

EUON Publishes Nanopinion on Study of the EU Market for Nanomaterials

Feb. 6-7 Event | 2023 Midwest Legal Conference on Data Privacy and Cybersecurity

Corrigendum to Commission Delegated Regulation of 5 October 2022 supplementing the CRR

Are 4-Day Work Weeks Right 4 Employers?

Franchise Renewal Season is Coming so What’s New with FRED?