Online businesses and those with mobile applications have a new incentive to post privacy policies that comply with the California Online Privacy Protection Act (CalOPPA). California Attorney General Kamala Harris launched an online tool Friday through which people can report websites, mobile apps, and other online services that they allege are in violation of the law. A business is in violation of CalOPPA if it fails to post privacy policies or posts policies that are incomplete and it fails to cure that violation within 30 days of notice from the Attorney General’s Office.
CalOPPA compliance is a particular challenge for smaller organizations. According to an August 2016 study issued by the Future of Privacy Forum (FPF), a think tank commissioned by Attorney General Harris to study compliance with CalOPPA by the top 100 apps, there is a particular gap in compliance with regard to health and fitness apps. The FPF and computer scientists at Carnegie Mellon University state that this is particularly true of information sharing with third parties.