The State of California is rolling out a new tool for consumers to report potential violations of the California Online Privacy Protection Act (CalOPPA). CalOPPA requires operators of commercial websites and mobile apps to clearly and conspicuously post a privacy policy that accurately describes the collection, use, and sharing of a user’s personal information. Violations of CalOPPA can arise when an operator fails to clearly and conspicuously post a privacy policy, does not comply with the terms of its privacy policy, or the privacy policy fails to include certain technical requirements, such as the disclosure of third-party advertising practices. With this new enforcement mechanism, it is growing increasingly important that operators of commercial websites and apps ensure full compliance with all CalOPPA requirements.

As part of an ongoing initiative to boost CalOPPA compliance, California Attorney General Kamala D. Harris has released an online form allowing consumers report websites, mobile applications, and other online services that the consumer believes to be in violation of CalOPPA. The form is available at https://oag.ca.gov/reportprivacy. With this tool, consumers may scour the Internet and report any company that’s website, mobile app, or other online presence (i) “lacks a privacy policy,” (ii) has a “privacy policy [that] is hard to find,” (iii) has a “privacy policy [that] does not contain all the information required by law,” (iv) “does not follow its own privacy policy,” or (v) “does not notify users of significant changes to its privacy policy.”

Addressing the need for this new tool, Attorney General Harris said that “in the information age, companies doing business in California must take every step possible to be transparent with consumers and protect their privacy. As the devices we use each day become increasingly connected and more Americans live their lives online, it’s critical that we implement robust safeguards on what information is shared online and how. By harnessing the power of technology and public-private partnerships, California can continue to lead the nation on privacy protections and adapt as innovations emerge.”

The California Attorney General’s office also announced that it is collaborating with Carnegie Mellon University computer scientists to develop an automated tool that will identify mobile apps that potentially violate CalOPPA. This tool will identify discrepancies between disclosures in a given privacy policy and the mobile app’s actual data collection and sharing practices, thereby helping to proactively identify and focus attention on privacy policies that may require enforcement.

These new tools, which effectively crowdsource and automate the identification of CalOPPA violations, reflect California’s commitment to “exponentially increase[e] the California Department of Justice’s ability to identify and notify those in violation of CalOPPA.”