Cybercrime & Technology

SAN FRANCISCO — California Attorney General Rob Bonta today delivered remarks on California Department of Justice’s preparations to protect California’s values, people, and natural resources ahead of a second Trump Administration. To view a recording of the press conference, please visit here. 

Attorney General Bonta's Remarks as Prepared for Delivery:

As the reality of a second Trump Administration takes hold, I know there is a great deal of fear, sadness, anxiety, and panic. 

I understand. 

I’m here today to reassure you that in California, progress will prevail. 

No matter who is in the White House, no matter who holds control of Congress, in California we will keep moving forward. 

In California, we will choose calm over chaos. 

Fact over fiction.

Belonging over blame.

Unity over division. 

“Us and we” over “I and me.” 

It’s why we’re the 5th largest economy in the world. Not in spite of our commitment to workers, consumers, and the environment, because of it. 

Because we’re the largest and most diverse state in the nation.

Because we believe in the power of inclusivity.

Because we believe in truth over lies. Hope over hate. Light over dark.

Because  we believe in looking forward.

It’s who we are in the Golden State. It’s in our DNA. Nothing and no one can change that. 

As Attorney General, I’ll continue to use the full force of the law and authority of this office to address injustice. 

To stand up for all people, especially those who have long been overlooked and undervalued.

To safeguard reproductive rights. 

And advocate for more housing — especially more affordable housing for lower and middle-income families just trying to get by.

I’ll continue to take on greedy corporate giants and fight for more affordable gas, groceries, and everything in between.  

I’ll continue to defend our world-renowned natural resources and protect them for generations to come. 

Continue to fight for clean water to drink and clean air to breathe.

Continue to crack down on illicit guns on our streets and get fentanyl out of our neighborhoods. 

Continue to fight for workers.

I’ll continue to protect, defend, and serve every single Californian. No matter your politics. 

I’m here to ensure every person — no matter how they look, how much money they make, where they’re from, who they love, how they identify, or how they pray — can pursue their version of the California Dream. 

A fair wage and good benefits.  

A safe and affordable place to live.  

Affordable and accessible health care. 

Good schools to send our kids to. 

Safe neighborhoods to raise our families. 

That’s my promise to you, no matter who is in the White House.  

We’ve been here before.

We lived through Trump 1.0. 

We know what he’s capable of. 

We know what plans he has in store. 

The silver lining is just that: we know. 

We know to take Trump at his word when he says he’ll roll back environmental protections, go after our immigrant and LGBTQ+ communities, attack our civil rights, and restrict access to essential reproductive care.

Which means, we won’t be flat-footed come January.

You can be sure that as California Attorney General, if Trump attacks your rights: I’ll be there. 

If Trump comes after your freedoms: I’ll be there. 

If Trump jeopardizes your safety and well-being: I’ll be there.

California DOJ did it before and we’ll do it again.  

During the last Trump Administration, California DOJ fought to stop illegal rollbacks and proposals that would’ve harmed the well-being, health, safety, and civil rights of our people and of people across the country. 

That would have caused irrevocable damage to our environment.

No matter who is in charge of the federal government…

No matter what the incoming Administration has in store… California will remain the steadfast beacon of progress it has long been.  

A constant, unwavering, immoveable force to be reckoned with.  

We’ll continue to be a check on overreach and push back on abuse of power. 

Be the antidote to dangerous, extremist, hateful vitriol.

Be the blueprint of progress for the nation to look to.

Remember: in moments of chaos in D.C., you can always look to California for calm resolve. 

California leaders across the state are ready to stand arm-in-arm. 

Governor Newsom and every single Constitutional Officer;  

Senator Padilla and Senator-elect Schiff;  

Democratic members of Congress; 

Pro Tem McGuire, Speaker Rivas, and the California Legislature; 

Mayors, supervisors, and city councilmembers from San Francisco to San Diego are ready to fight for our California values. 

For our people. For our environment.

For progress and justice.

And as necessary, we’re ready to take on the challenges of a second Trump Administration — together.

While a great deal of change is on the horizon…

California’s path to progress remains full steam ahead.

It may not always be linear. Progress so rarely is. 

It zigs and zags. Takes frustrating detours. Inches forward and backward and forward again. 

The detours and setbacks don’t define our progress.

Our commitment to forward momentum defines our progress. Defines us. 

It’s what we do next that will define us. 

If you’re feeling despondent today, remember that you’re not alone. 

In California, we’re not looking back. We’re not moving back. 

We’re California! We’ll meet any challenges head on and rise to the occasion.

As is so often said, as California goes, so goes the nation.

In the days and months and years to come, all eyes will look west. 

In California, they’ll see: we’re still moving forward.

Thank you. 

Platform designed to promote excessive, compulsive, and addictive use

SAN FRANCISCO — California Attorney General Rob Bonta and New York Attorney General Letitia James today co-led a bipartisan coalition of 14 attorneys general in filing separate enforcement actions against TikTok for violations of state consumer protection laws. Filed in Santa Clara County Superior Court, Attorney General Bonta’s action alleges that TikTok exploits and harms young users and deceives the public about the social media platform’s dangers. The action seeks significant penalties, as well as injunctive and monetary relief, to address TikTok’s misconduct.

“Our investigation has revealed that TikTok cultivates social media addiction to boost corporate profits. TikTok intentionally targets children because they know kids do not yet have the defenses or capacity to create healthy boundaries around addictive content,” said Attorney General Rob Bonta. “When we look at the youth mental health crisis and the revenue machine TikTok has created, fueled by the time and attention of our young people, it’s devastatingly obvious: Our children and teens never stood a chance against these social media behemoths. TikTok must be held accountable for the harms it created in taking away the time — and childhoods — of American children.” 

“Young people are struggling with their mental health because of addictive social media platforms like TikTok,” said New York Attorney General Letitia James. “TikTok claims that their platform is safe for young people, but that is far from true. In New York and across the country, young people have died or gotten injured doing dangerous TikTok challenges and many more are feeling more sad, anxious, and depressed because of TikTok’s addictive features. Today, we are suing TikTok to protect young people and help combat the nationwide youth mental health crisis. Kids and families across the country are desperate for help to address this crisis, and we are doing everything in our power to protect them.”

Use of TikTok is pervasive among young people in the United States. In 2023, 63% of all Americans aged 13 to 17 who responded to a Pew Research survey reported using TikTok, and most teenagers in the U.S. were using TikTok daily; 17% of American teens said that they were on TikTok “almost constantly.”

In today’s lawsuit, Attorney General Bonta alleges TikTok violated California’s consumer protection statutes, the Unfair Competition Law (UCL), and the False Advertising Law (FAL).

According to the complaint, TikTok’s misconduct arises from its underlying business model that focuses on maximizing young users’ time on the TikTok platform so as to enable the company to boost revenue from selling targeted advertising space. TikTok’s misconduct includes: 

Deploying a content-recommendation system designed to be addictive in order to maximize the time young users spend on the platform. TikTok’s algorithmic features are designed to keep minors on the platform as long as possible and as often as possible, despite the dangers of compulsive use.

Using manipulative features to addict young users and maximize their time on its platform. These features exploit children's psychological vulnerabilities and are deployed to keep kids and teens on the platform for longer. 

BEAUTY FILTERS

Beauty filters and effects are deeply harmful to young users; they foster unrealistic beauty standards, harm self-esteem, and can induce negative body image issues and related physical and mental disorders. TikTok knows these filters and effects significantly increase platform use, particularly among young users, and retains these features despite their harms.

AUTOPLAY

To manipulate users into compulsively spending more time on the platform, TikTok does not allow them to disable Autoplay. TikTok uses Autoplay to continuously play new and temporary posts; this exploits young users’ novelty-seeking minds and eliminates their autonomy to choose to stop.

ENDLESS/INFINITE SCROLL

Endless scrolling compels young users to spend more time on the platform by making it difficult to disengage. It strips away a natural stopping point or opportunity to turn to a new activity and distorts users’ perception of time.

TIKTOK STORIES AND TIKTOK LIVE

Content on these features is only available temporarily — users must tune in immediately or lose the opportunity to interact. These time-sensitive features are designed to encourage young users to compulsively return to the platform by exploiting their uniquely sensitive fear of missing out. 

PUSH NOTIFICATIONS

Push notifications unfairly entice young users by overloading and overwhelming them to return to the platform. Some pushes are designed to keep young users from quitting the platform altogether, and others encourage young users to open the application. TikTok has even used fake notifications to manipulate users into opening its platform. 

LIKES AND COMMENTS

At key development states it can be overwhelmingly important for children and teens to be accepted by their peers. TikTok’s design and display of highlighting “likes” as a form of social validation has an especially powerful effect on young users and can neurologically alter teenagers’ perception of online posts, in addition to driving compulsive use.

Engaging in a scheme that deceptively markets the platform and platform features as promoting young users’ safety and well-being. TikTok employs a coordinated array of features, tools, content moderation efforts, community guidelines, and public assurances intended to promote a public narrative that the platform is appropriate and safe for young users and that TikTok prioritizes user safety. In truth, such features and efforts do not work as advertised, the harmful effects of the platform are far greater than acknowledged, and TikTok does not prioritize safety over profit.

Exploiting children’s data without parental notice or consent. Despite knowing certain users are under 13 years old and despite the platform being directed toward children, TikTok has collected and used personal information from children's accounts without parental consent or notice. Doing so is both unfair and fails to satisfy TikTok’s obligations under federal law. 

Attorneys general from the following states join Attorney General Bonta today in filing separate enforcement actions against TikTok to hold it accountable for its role in the children's mental health crisis: New York, Illinois, Kentucky, Louisiana, Massachusetts, Mississippi, North Carolina, New Jersey, Oregon, South Carolina, Vermont, Washington, and the District of Columbia. As of today, 23 attorneys general have filed actions against TikTok for its conduct toward youth, including existing actions filed by the attorneys general of Utah, Nevada, Indiana, New Hampshire, Nebraska, Arkansas, Iowa, Kansas, and Texas. 

Attorney General Bonta is a steadfast leader in protecting children against the mental health harms of using social media. In March 2022, Attorney General Bonta announced a nationwide investigation into TikTok, and in March 2023, he filed an amicus brief demanding TikTok comply with state investigations. In October 2023, Attorney General Bonta co-led a bipartisan coalition of 33 attorneys general in filing a federal lawsuit against Meta alleging the company designed and deployed harmful features that addict children and teens to their mental and physical detriment, and in November 2023, he announced the public release of a largely unredacted copy of the federal complaint. Last month, Attorney General Bonta issued a statement after Senate Bill 976 (SB 976) was signed into law by Governor Gavin Newsom. SB 976 provides important new protections for young people in California by resetting the defaults on social media platforms to disfavor addictive algorithmic feeds, notifications, and other addictive design features that lead children and teens to spend hours and hours on their platforms. 

A copy of the redacted complaint can be found here. 

OAKLAND — California Attorney General Rob Bonta issued the following statement after a federal judge ruled that Google maintained an unlawful monopoly on internet general search services and general search text ads in United States v. Google.

“As the fifth largest economy in the world, California has a special interest in protecting a landscape where competition and innovation will flourish,” said Attorney General Bonta. “This historic win sets the tone for what we as a country and state will not allow. The California Department of Justice remains vigorously committed to enforcing antitrust laws.” 

On December 11, 2020, then-Attorney General Xavier Becerra announced that California would join the U.S. Department of Justice’s lawsuit against Google regarding its monopoly on general internet search services and search-based advertising. In November 2023, Attorney General Bonta issued a statement following the conclusion of the 10-week bench trial.

OAKLAND — California Attorney General Rob Bonta today issued a consumer alert warning Californians to beware of scams that use artificial intelligence (AI) or “deepfakes” to impersonate government officials, distressed family members, or other trusted figures.

“Scammers are often quite literally in our pockets, just a phone call, social media message, or text away,” said Attorney General Bonta. “AI and other novel and evolving technologies can make scams harder to spot. Knowing what to look for is an important way to keep consumers safe against these tactics. I urge Californians to take practical steps to guard against being victimized by scammers, including talking to friends and family who may be unaware of these dangers.”

New technology – such as AI and deep fake video or voice manipulation – makes it easier for scammers to create sophisticated impersonations and to make more convincing requests for money or personal information. Scammers can use information available on the internet, including images and audio from social media, to convince people that the voice on the other end of the call is someone they can trust. Bad actors can clone a person’s voice through AI technology using clips of audio taken from that person’s social media account(s) and can refer to personal information about the victim found on the internet, making the scam appear credible.

For example, a troubling new scam targets parents by sending them AI voice impersonations of their child begging for help. Recent reports have included parents receiving a phone call using the cloned voice of their child claiming to have been badly injured in a car accident or in need of money to pay bail. Grandparents are often the target of scams claiming that their grandchild is in trouble and in need of money. In 2023, the FBI received victim complaints regarding grandparent scams that resulted in nearly $1.9 million in losses. 

Scammers often target consumers on their phones. In 2023, robocalls and robotexts resulted in more than $1.2 billion in reported losses nationwide. And most other methods of contact by scammers – including email, social media, and the internet – are also accessible by smartphones. These phone-based scams are designed to steal money, identities, or passwords, or urgently demand payment through cash or gift cards. Scams can result in significant financial losses, ruined credit scores, and impacted security clearance for service members and others. 

While younger adults reported losing money to fraud more often in 2023 than older adults, older adults who lose money tend to lose larger amounts.

Imposter scams were the most commonly reported fraud in 2023. These imposter scams often involve a bad actor pretending to be a bank’s fraud department, the government, a well-known business, a technical support expert, or a distressed relative, such as a kidnapped child. Other common phone-based scams include calls related to medical needs and prescriptions, debt reduction, utilities, bank fraud warnings, warranties, or IRS notices.

These scams can also spread misinformation about elections or political candidates. For example, in January residents of New Hampshire received scam election robocalls that allegedly used AI to impersonate the president and discourage voters from participating in the New Hampshire primary.

Protect Yourself and Others from Phone-Based Scams

Here are some tips to protect you and those you know from phone-based scams.

• Develop family code words: Develop simple ways of verifying if a family member truly is in trouble before responding to phone calls for financial help or sharing personal information. Talk with family about designating “safe words” or asking a question that only that person would know the answer to. When creating a question, be mindful that scammers might have access to information from social media and other online sources.
• Minimize personal audio/video content on social media accounts: Consider removing personal phone numbers and audio and video clips from your and your children’s social media profiles. AI scammers can use these clips to create clone voices and videos of loved ones.
• Check privacy settings: Strengthen privacy settings on social media so that strangers don’t know facts about your life and your current whereabouts, including whether you or a family member is out of town.
• Don’t answer the phone: Let phone calls from unfamiliar numbers go to voicemail. They often are illegal robocalls.
• Don’t trust caller ID: Phone numbers can be “spoofed” to look like a familiar number from friends, family, a school district, or a government agency. Don’t assume the caller ID is accurate and be wary if anything seems different about the caller or if they ask for financial or personal information.
• Hang up the phone: If you suspect a scam call, immediately hang up. Don’t automatically trust automated messages: often pressing “1” to indicate you don’t want to receive future calls just notifies bad actors that they should continue calling this active phone number.
• Take advantage of call-blocking technology: Many cellular providers offer enhanced call-blocking technology that can assist in preventing robocalls from reaching you.
• Don’t click on suspicious links: Scammers will try to get you to click on links that are sent to you in texts, emails, or social media. Text messaging is particularly dangerous because you might hurriedly click on a link and begin entering a password, not realizing that the link is phony, and your password is being recorded.
• Go directly to websites: Go directly to the website of a company you are familiar with rather than clicking on a link that has been sent to you. Some fraudulent links are made to look very similar to the actual website address. You should never click on links that are texted to you – for example, by what seems like a bank. Instead, go to the bank’s website on your own internet browser.
• Use strong passwords: Protect yourself by using different, unique passwords for each of your online accounts. Make sure that the passwords you use are at least eight characters, including a mix of letters, numbers, and symbols. Consider using a password manager to provide suggestions and store strong passwords.
• Protect your Social Security number (SSN) and other sensitive information: Keep your Social Security card at home in a safe place instead of carrying it around in your wallet. Only provide your SSN when absolutely necessary, such as on tax forms or employment records. If a business asks you for your SSN, see if there is another number that can be used instead.
• Beware of government impersonations and other common scams: Some scammers are sophisticated. They may offer to provide “documentation” or “evidence,” or use the name of a real government official or agency to make you think that their calls are legitimate. If a government agency calls you and asks for financial or personal information, hang up and go to the agency’s official website (which should be a .gov website) and call them directly. Government officials will not threaten you with arrest or legal action in exchange for immediate payment. They will not promise to increase your benefits or resolve an issue in exchange for a fee or transfer of funds to a protected account. And they will not ask for payment in the form of gift cards, prepaid debit cards, wire transfer, internet currency, or by mailing cash.

Attorney General Bonta is committed to protecting Californians by cracking down on robocalls, including AI-generated robocalls and robotexts.

In January, Attorney General Bonta called on the FCC to address the threat of AI-generated robocalls, and the FCC subsequently declared voice-cloning technology used in common robocall scams illegal under the Telephone Consumer Protection Act. In February, Attorney General Bonta joined a coalition of 51 bipartisan attorneys general in issuing a warning letter to a company that allegedly sent New Hampshire residents scam election robocalls during the New Hampshire primary election. The calls allegedly used AI to impersonate the president and discourage voters from participating in the primary. 

In May 2023, Attorney General Bonta, as part of a bipartisan coalition of 49 attorneys general, announced a lawsuit against Avid Telecom for allegedly initiating and facilitating billions of unlawful robocalls that included Social Security Administration scams, Medicare scams, and employment scams. In January 2022, as part of a bipartisan multistate coalition, Attorney General Bonta urged the FCC to stop the flood of illegal foreign-based robocalls that “spoof” U.S. phone numbers. In August 2022, Attorney General Bonta announced the launch of a bipartisan nationwide Anti-Robocall Litigation Task Force to investigate and take legal action against the telecommunications companies responsible for bringing a majority of foreign robocalls into the U.S.

For more information and resources on phone-based scams, visit our website at oag.ca.gov/consumers. 

SACRAMENTO — California Attorney General Bonta issued the following statement after Senate Bill 976 (SB 976) Protecting Our Kids from Social Media Addiction Act passed the Senate. SB 976, sponsored by Attorney General Bonta and authored by Senator Nancy Skinner (D-Berkeley), would limit the harms associated with social media addiction. This marks an important continuation of Attorney General Bonta’s commitment to improving child safety online.

“SB 976 puts control back in the hands of parents and children. Our children and teens are experiencing a public health crisis, caused by social media companies in their thirst for profits,” said Attorney General Bonta. “In California, we take mental health seriously, we take children’s online safety seriously — and we know that we don’t have a minute to waste to protect our kids. In California, we move fast and fix things.”

SB 976, co-sponsored by Public Health Advocates and the Association of California School Administrators, takes steps to protect young users from online addiction. First, SB 976 would give parents the choice of whether users under the age of 18 would receive a chronological feed from users they already follow or the current default on addictive social media platforms, an algorithmic feed. Algorithmic feeds fuel harmful and addictive use of the platforms and heavy social media use can cause mental health harms to young users. Second, the bill would prohibit social media platforms from sending notifications between 12:00 a.m. and 6:00 a.m. to users under age 18, unless a parent or guardian has provided consent. Third, SB 976 expands parental controls by requiring social media platforms to provide parents the ability to establish certain protections that will be turned on by default, including the ability to halt social media notifications and to block access to platforms for minors during nighttime hours and during the school day. 

The LA Times published an op-ed yesterday highlighting the urgent need for Senate Bill 976 (SB 976), The Protecting Our Kids from Social Media Addition Act. SB 976, authored by Senator Skinner (D-Berkeley) and sponsored by Attorney General Bonta, would limit the harms associated with social media addiction, and marks an important continuation of Attorney General Bonta’s commitment to improving child safety online.

The op-ed, excerpted below, can be read in its entirety here.

By The Times Editorial Board

From state capitols to Washington, D.C., lawmakers are scrambling to come up with regulations that can protect kids from the potential harms of social media, since the platforms have been unwilling to adopt reasonable safeguards themselves. A dozen other states, including California, are considering or have passed laws that would force companies to design their platforms to be safer for kids. 

This legislation is driven by a growing understanding that social media apps can be addictive and are dangerous to children’s mental health. The American Psychological Assn. urged again this month that policymakers require that tech companies reduce the risks embedded in the platforms.

Yet the drive for regulation is facing stiff pushback from the tech industry, which has lobbied against the bills and filed lawsuits to block new legislation from taking effect, arguing the laws are unconstitutional.  

Senate Bill 976 by Sen. Nancy Skinner (D-Berkeley) would require that social media platforms essentially turn off their algorithms for users under 18 and instead serve them content through a chronological feed from people they follow and information that they’ve searched for. The algorithms are designed to feed users a steady stream of content they didn’t necessarily ask for that keeps them on the app, which is why the algorithms have been called addictive.

The bill is sponsored by Atty. Gen. Rob Bonta, who sued Meta last year alleging the company used harmful and “psychologically manipulative product features,” such as “likes,” infinite scroll and constant alerts, to hook young people on Instagram and Facebook and keep them engaged for as much time as possible in order to boost profits.

These are reasonable safeguards and much less restrictive than proposals in other states, yet tech industry groups have opposed the bill. It’s likely that any law attempting to put guardrails on social media platforms will face legal challenges. This is complex legal and regulatory terrain, but that’s exactly why California lawmakers should keep pushing ahead with SB 976 and similar efforts. The tech industry has been unwilling to voluntarily change its practices to protect children. Lawmakers have to do it for them.

OAKLAND — California Attorney General Rob Bonta today issued the following statement applauding the Federal Communication Commission's (FCC) draft order proposing to reestablish federal net neutrality protections and concluding that California’s own net neutrality law is consistent with the proposed rules and should stay on the books. 

“Everyone deserves equal access to the internet,” said Attorney General Bonta. “California has led the way in protecting the open internet since 2018, when we passed Senate Bill 822, the nation’s strongest state net neutrality law. Since then, SB 822 has been instrumental in protecting internet access for California’s 39 million residents. I commend the federal government for moving to reestablish net neutrality rules nationwide and applaud the draft order for acknowledging the important role states like California play in protecting net neutrality.”

Last year, the FCC proposed to reestablish nationwide net neutrality protections, and issued a request for public comment. Attorney General Bonta filed a public comment letter expressing California’s support for strong net neutrality rules for all Americans, but also urging the FCC not to preempt parallel state net neutrality laws like SB 822. In the draft order, the FCC agrees, noting that “California law generally tracks the federal rules we restore today,” and finding “[no] reason at this time to preempt California from independently enforcing” federal or state net neutrality requirements. The FCC is scheduled to vote on the draft order at their next Open Commission Meeting on April 25, 2024.

Net neutrality rules protect consumers by allowing them to access online content without manipulative and anticompetitive interference from internet service providers. In 2018, under the Trump Administration, the FCC repealed federal net neutrality regulations. In response, California and other states enacted their own net neutrality laws to protect residents within their jurisdictions. California passed SB 822 to enshrine net neutrality rules into state law. 

LOS ANGELES — California Attorney General Rob Bonta today, alongside the U.S. Department of Justice (U.S. DOJ), and a bipartisan coalition of 16 states attorneys general, filed a lawsuit challenging Apple’s anticompetitive behavior related to iPhone smartphones. The lawsuit alleges Apple deliberately made it more difficult for third-party apps and products to operate with the iPhone, resulting in higher prices for consumers and harm to competition in the smartphone industry. Apple’s conduct has stifled innovation, limited consumer choice, and made switching to other smartphones — especially high-end performance smartphones — unnecessarily difficult and expensive for consumers.

“Apple’s anticompetitive conduct intentionally leaves consumers bearing the cost of sky-high smartphone prices at a time when smartphones are now essential to so much of our day-to-day lives. California’s economy thrives on entrepreneurship, serving as a driving force behind its innovation and growth. Consumers, innovation, and the competitive process — not Apple alone — should decide what options consumers should have,” said Attorney General Bonta. “In insulating itself from competition, Apple has caused harm to consumers and the market. This is illegal. I am proud to partner with the U.S. Department of Justice to send a clear message: We are committed to protecting consumers, holding industry accountable, and ensuring a fair and competitive market where the next generation of innovation can thrive.”

The lawsuit alleges Apple violated Section 2 of the Sherman Antitrust Act, which prohibits monopolization and attempted monopolization. Monopolization occurs when a single firm maintains a monopoly unlawfully, by using its control of the market to exclude rivals and harm competition. The complaint filed today alleges that Apple protects its monopoly by delaying, degrading, or outright blocking technologies that would bring competition by decreasing barriers to switching to another smartphone. 

Specifically, Apple:

• Degrades and undermines cross-platform messaging apps and rival smartphones, including introducing deliberate incompatibilities to prevent Android users from seamlessly sending messages to iPhone users.

• Makes it difficult for U.S. app developers to list “Super Apps”, which have a broad array of functions and make it easier for consumers to switch from one phone manufacturer to another 

• Blocks cloud gaming services on iPhones by historically refusing to list cloud gaming apps on the Apple App Store. Cloud gaming allows consumers to stream and play video games seamlessly across different devices independent of phone hardware.  

• Limits basic functionality when consumers try to use third party cross-platform smart watches with iPhones.

• Restricts digital wallet competitors by allowing only Apple Wallet access to the iPhone’s “tap-to-pay” functionality.

Apple suppresses or delays apps, innovations, and technologies that would reduce switching costs or simply allow users to discover, purchase, and use their own accessories, apps and content without having to rely on Apple. As a result, Apple faces less competition from rival smartphones and less competitive pressure from innovative, cross-platform technologies not because Apple makes its own products better but because it makes other products worse. With less competition, Apple extracts extraordinary profits and constrains innovation to serve its interests. This leaves all smartphone users worse off, with fewer choices, higher prices and fees, lower quality apps, and accessories, and less technological progress from Apple and others.

In filing the lawsuit, Attorney General Bonta joins the U.S. Department of Justice and the attorneys general of Arizona, Connecticut, Maine, Michigan, Minnesota, New Hampshire, New Jersey, New York, North Dakota, Oklahoma, Oregon, Tennessee, Vermont, Wisconsin, and the District of Columbia.

Attorney General Bonta is committed to enforcing anticompetitive laws to ensure fair prices, innovation, and consumer choice.

In February 2024, Attorney General Bonta, the Federal Trade Commission, and a bipartisan coalition of states, announced filing a lawsuit that challenges the proposed merger of Kroger and Albertsons; this merger presents a significant risk of reduced competition and higher food prices nationwide. In December 2023, Attorney General Bonta announced a $700 million multistate settlement with Google resolving allegations that the company violated state and federal laws by monopolizing the Android smartphone application market. In November 2023, Attorney General Bonta and three other attorneys general announced joining U.S. DOJ’s lawsuit against Agri Stats, Inc., a company that organizes and manages anticompetitive information exchanges for meat processors and facilitated the unlawful increase of chicken, pork, and turkey prices across the U.S.

A copy of the complaint is available here.

Updates to COPPA need to go further to protect children’s online data 

OAKLAND — California Attorney General Rob Bonta today, in response to the Federal Trade Comission's (FTC) notice of proposed rulemaking, joined a bipartisan multistate letter to the FTC proposing updates to regulations implementing the Children’s Online Privacy Protection Act (COPPA). In the letter, the attorneys general express support for updates to COPPA and advocate for further clarity and specification for proposed rules.

“The Federal Trade Commission’s proposed rule would strengthen our ability to enforce restrictions on companies selling children’s data and protect consumers who seek to manage what information websites can collect from kids,” said Attorney General Bonta. “Together with a broad bipartisan coalition from across the country, I support this effort and look forward to working collaboratively with the FTC to keep protecting children’s privacy.”

COPPA requires operators of websites and online services that are either directed to children under 13, or that have actual knowledge that they are collecting personal information from children under 13, to provide notice to parents and obtain parental consent before collecting, using, or disclosing personal information from children. 

The proposed rule would update COPPA by:

• Requiring separate “opt-in” consent for targeted advertising: The proposed new rule would require separate notice and parental consent before an operator can disclose children’s information to third parties, including third-party advertisers.
• Clarifying the “mixed audience” category:  There currently is ambiguity about when child-directed websites must provide COPPA protections to all users and when they may screen users for age and only provide COPPA protections to users who self-identify as under 13 years old. The FTC proposes to clarify this distinction by providing a new definition of “mixed audience."
• Adding “biometric identifiers” to the definition of “personal information”: The FTC proposes to expand the definition of “personal information” under COPPA to include biometric identifiers, like fingerprints or handprints, retina and iris patterns, genetic data, or data derived from voice, gait, or facial data.
• Limits on the “support for the internal operations” exception: Operators may currently collect persistent identifiers without first obtaining parental consent under an exception that permits “support for the internal operations of the website or online service.” The FTC proposes adding new requirements and disclosures for operators who rely on this exception.
• New limits on nudging kids to stay online: The FTC proposes adding new limitations on operators’ use of personal information to prompt or encourage children to use their service more.
• COPPA and schools: The FTC seeks to permit schools and school districts to provide consent for the collection, use, and disclosure of children’s personal information, but limit that consent to use for educational rather than commercial purposes.
• Data security, retention, and deletion: The FTC proposes strengthening data security, retention, and deletion requirements. For example, the FTC proposes requiring disclosure of data retention policies, and prohibiting operators from using retained information for any secondary purpose.

In the letter, the attorneys general support proposed updates to the COPPA Rule and respond to certain issues raised by the FTC, including how to define “personal information” as it relates to children and how to obtain parental consent to use children’s personal information in connection with advertising. The letter also advocates for limiting potential exemptions being considered by the FTC and addresses proposals regarding limitations on the use of personal information in ways that could be harmful to children, such as nudging kids to stay online longer.

Attorney General Bonta is committed to protecting children online. In October 2023, Attorney General Bonta co-led a bipartisan coalition of 33 attorneys general in filing a federal lawsuit against Meta Platforms, alleging that Meta, among other things, designed and deployed harmful features on Instagram and Facebook that addict children and teens to their mental and physical detriment. In November 2023, Attorney General Bonta announced the public release of a largely unredacted copy of the federal complaint against Meta. The removal of the redactions provides additional context for the misconduct that the attorneys general allege.

In March 2023, Attorney General Bonta as part of a bipartisan multistate coalition, filed an amicus brief supporting efforts to compel TikTok to produce subpoenaed materials and evidence as part of ongoing nationwide investigations into the company’s role in the growing youth mental health crisis. In December 2023, Attorney General Bonta joined a multistate amicus brief in Murthy v. Missouri supporting the right of the federal government to communicate with social media companies about matters of public concern. In January 2024, Attorney General Rob Bonta, Senator Nancy Skinner, and Assemblymember Buffy Wicks introduced the Protecting Youth from Social Media Addiction Act (SB 976), and the California Children’s Data Privacy Act (AB 1949), landmark legislation seeking to protect youth online.

In submitting today’s letter, Attorney General Bonta is joined by the attorneys general of Oregon, Illinois, Mississippi, Tennessee, Colorado, Connecticut, Massachusetts, New Jersey, North Carolina, Alabama, Alaska, Arizona, Arkansas, Delaware, District of Columbia, Florida, Georgia, Hawaii, Indiana, Kentucky, Maine, Maryland, Michigan, Minnesota, Nebraska, Nevada, New Hampshire, New Mexico, New York, Ohio, Oklahoma, Pennsylvania, Puerto Rico, Rhode Island, South Carolina, South Dakota, Utah, Vermont, U.S. Virgin Islands, Virginia, Washington, and Wisconsin.

A copy of the multistate letter is available here.

Part of Multi-Pronged Effort to Improve Online Privacy and Increase Compliance with CalOPPA 

SAN FRANCISCO -- Today, Attorney General Kamala D. Harris announced the release of an online form to help consumers report websites, mobile applications, and other online services that are in violation of the California Online Privacy Protection Act (CalOPPA). A website or app operator may violate CalOPPA by failing to post privacy policies or posting incomplete or inadequate policies. This new form is one of several initiatives Attorney General Harris is undertaking to protect Californians’ privacy, especially in light of technological advances and the growth of the “internet of things.”  The form is available at https://oag.ca.gov/reportprivacy.

“In the information age, companies doing business in California must take every step possible to be transparent with consumers and protect their privacy,” said Attorney General Harris. “As the devices we use each day become increasingly connected and more Americans live their lives online, it’s critical that we implement robust safeguards on what information is shared online and how. By harnessing the power of technology and public-private partnerships, California can continue to lead the nation on privacy protections and adapt as innovations emerge.”

In 2011, the Future of Privacy Forum (FPF) conducted a study which found that many mobile apps were missing privacy policies, prompting the Attorney General to secure a first-of-its-kind agreement with the leading mobile application platforms, including Apple, Google Play and Amazon, to improve compliance; this agreement was later expanded to include Facebook. As a part of her continued commitment to privacy, Attorney General Harris directed her office to conduct a five-year review on mobile app compliance with CalOPPA and commissioned the FPF to conduct a new study of the top 100 mobile apps.  In addition, the Attorney General’s office is collaborating with computer scientists at Carnegie Mellon University to review apps in the Google Play store for compliance with the law and consulting with privacy experts, designers, and researchers to assess the effectiveness of CalOPPA and the “Do Not Track” legislation, which was sponsored by Attorney General Harris.  

A new FPF study, released in August 2016, found that the number of apps with privacy policies has risen substantially since the 2012 Mobile App Agreement—up from 30% to 80%; but the study also highlighted a notable and persistent gap, particularly in health and fitness apps, which often collect sensitive personal information but are less likely than other apps to have a privacy policy. The CMU research revealed that some mobile apps employ data practices that are not properly disclosed in their privacy policies, especially as they pertain to information sharing with third parties. This research indicates that while much progress has been made, more needs to be done to ensure companies are protecting consumers’ privacy and employing transparent practices. 

In response to the analysis of CalOPPA compliance, Attorney General Harris is today launching an online tool allows consumers to “crowdsource” privacy policy violations, exponentially increasing the California Department of Justice’s ability to identify and notify those in violation of CalOPPA.  To use the tool, consumers who have identified an operator that may not be in compliance can simply visit https://oag.ca.gov/reportprivacy to report the finding.    

The CalOPPA form is part of a multi-pronged approach to improve online privacy. The Attorney General’s office is also partnering with the Usable Privacy Policy Project at Carnegie Mellon University to develop a tool that will identify mobile apps that may be in violation of CalOPPA. The tool is designed to look for discrepancies between disclosures in a given privacy policy and the mobile app’s actual data collection and sharing practices (for example, a company might share personal information with third parties but doesn’t disclose that in its privacy policies).  This tool will help proactively identify and focus attention on policies that may require enforcement.

With the passage of CalOPPA in 2003, California became the first state in the nation to require commercial websites and online services to post privacy policies and the initiatives Attorney General Harris is leading will help strengthen California’s online privacy laws. Any operator in the world that collects personally identifiable information such as name, address, email address, phone number, or Social Security number from California consumers is required to comply. The privacy policy must include the categories of information collected, the types of the third parties with whom the operator may share that information, instructions regarding how the consumer can review and request changes to his or her information, and the effective date of the private policy. Assembly Bill 370, which Attorney General Harris sponsored, expanded this law in 2013 requiring privacy policies to include information on how the operator responds to ‘Do Not Track’ signals or similar mechanisms, as well as requiring privacy policies to state whether third parties can collect personally identifiable information about the site’s users. 

Attorney General Harris has a long track record of encouraging innovative and growth while protecting consumers’ privacy online. Earlier this week, she announced a new initiative—the California Cyber Crime Center—to help law enforcement fight crime in the digital era.  The center includes the California Department of Justice’s Privacy Enforcement and Protection Unit, which Attorney General Harris created in 2012. The Unit is responsible for enforcing state and federal privacy laws, providing Californians with information and strategies on how to protect their privacy, and encouraging businesses to follow best protection practices. Throughout her administration, the Attorney General has prosecuted and reached settlements with major corporations including Anthem Blue Cross, Citibank, Kaiser, Comcast, Houzz and Wells Fargo Bank for violating California’s privacy protection standards.  Attorney General Harris has also released numerous consumer alerts to help Californians, including alerts on how to adjust the location settings on your mobile phone and protect against identity theft, as well as consumer information sheets on a broad range of privacy issues.

Attorney General Harris is also strongly committed to data security, safeguarding consumers’ sensitive online information. In February, Attorney General Harris released a data breach report detailing the nature of reported breaches in the last four years, accompanied by recommendations for business and lawmakers including pointing to standards regarding “reasonable security” for protecting personally identifiable information. The office recently conducted a set of workshops for small businesses in conjunction with security experts from the Center for Internet Security.