Mobile app privacy enforcement push from California Attorney General Bonta - Mobile Privacy Briefing 2023.081
In late January 2023, California Attorney General Rob Bonta announced a CCPA (California Consumer Privacy Act) enforcement focus on mobile apps. The enforcement focuses on “popular apps in the retail, travel, and food service industries” that don’t allow or comply with consumer opt-out requests.
A recent CCPA settlement involving Sephora cost the company $1.2m in penalties and obviously compliance with CCPA plus regular reporting to the AG’s office. We’re also seeing federal enforcement of mobile app privacy issues from the FTC, most recently with a $1.5m settlement with GoodRx. You can follow the latest mobile breaches on NowSecure’s Mobile App Security & Privacy Breaches resource.
While a Federal privacy law has yet to arrive, it has been actively considered over the past few years. Similarly, many States are currently considering privacy laws and 5 states (California, Utah, Colorado, Virginia and Connecticut) now actively protect privacy via legislation (see IAPP’s US State Privacy Legislation Tracker for full details).