Tech Giants Agree to Require App Developers to Post Privacy Policies

24 February 2012 Privacy & Security Source Publication

           On February 22, 2012, California’s Office of the Attorney General announced that Amazon, Apple, Google, Hewlett Packard, Microsoft and Research in Motion (the “Companies”) have all agreed to require their application (“app”) developers to post clear privacy policies for their apps wherever those apps can be downloaded (“Agreement”).  Together, these Companies account for 95 percent of all app downloads.  According to the Attorney General’s office, of the top 30 most downloaded apps, only 8 have posted privacy policies.

             In recent weeks, this issue has come to the forefront as Path, a social networking app, admitted to collecting and storing information from users’ address books without first notifying its users.  After Path’s revelation, Twitter, Foursquare, and Instagram all acknowledged that they collect users’ address book information without consent as well.  Apple also announced a change to its app developer guidelines, saying that iOS applications that collect user data without consent are prohibited. 

             Under the new Agreement, the Companies will ask app developers include either the text of, or a hyperlink to, the privacy policy that will notify users about what data the apps can access and how that data will be stored by the app.  Generally, apps have access to data regarding users’ location, contacts, and photos. 

             According to Attorney General Kamala Harris,  “[t]his [A]greement strengthens the privacy protections of California consumers and of millions of people around the globe who use mobile apps.  By ensuring that mobile apps have privacy policies, we create more transparency and give mobile users more informed control over who accesses their personal information and how it is used.” 

             If an app developer does not comply with the privacy policies as required by the Agreement, developers can be prosecuted under California’s Unfair Competition Law or False Advertising Law.  No timeline for compliance has been set, but the Attorney General said that she would meet with the Companies in six months to assess developers’ progress.