The right to privacy in California is a frequent topic of discussion on this blog.  Earlier this year, the Department of Justice established the Privacy Enforcement and Protection Unit which is charged with enforcing laws concerning the handling of consumer information in a wide variety of contexts including the dozens of California statutes and regulations that deal with privacy (full list available here).  The AG’s newly created unit presumably works cooperatively with another Sacramento bureaucracy, the California Office of Privacy Protection which has been around since 2001. (I am confident that there are no bureaucratic inefficiencies or redundancies here!)

My partner, Melissa Krasnow, has written an excellent summary of a new enforcement initiative aimed at mobile apps.  The full article is available here and here at the International Risk Management Institute’s website.


If your company has an app or is thinking about developing one, you should consider these new substantive regulations.  As Melissa points out, failure to comply can lead to serious regulatory actions.  It can also spin off into a costly class action lawsuit. I can assure you that there are right now dozens if not hundereds of consumer class action attorneys trolling for lawsuits hoping to find a company that has not yet acted to conform its notices and practices to these new regulations.  Even if a business does not have an app, it is not a bad idea to conduct a review of all practices and policies to ensure compliance with the California Online Privacy Protection Act.