Cybercrime & Technology

SAN FRANCISCO -- Attorney General Kamala D. Harris today issued recommendations to California businesses to help protect against and respond to the increasing threat of malware, data breaches and other cyber risks.

"My office issued this guide to support California’s businesses and ensure a robust economy,” Attorney General Harris said. “Technology has created new opportunities and new risks for California businesses, including cyber attacks. This guide offers specific, straightforward recommendations to help businesses continue to thrive by reducing cyber security risks to employees and customers.”

The guide, Cybersecurity in the Golden State, provides recommendations focused on small to mid-sized businesses, which are particularly vulnerable to cybercrime and often lack the resources to hire cybersecurity personnel. In 2012, 50% of all cyber attacks were aimed at businesses with fewer than 2,500 employees and 31% were aimed at those with less than 250 employees.

Click here to view Cybersecurity in the Golden State: https://oag.ca.gov/cybersecurity

The guide is a product of a collaborative effort between the California Attorney General’s office, the California Chamber of Commerce and Lookout, a mobile security company.

“Prevention is the best medicine. Not only does the guide provide useful information to reduce the threat of cybercrime, it highlights the need to be proactive in preventing data breaches. This is good for California businesses and consumers,” said Allan Zaremberg, President and CEO of the California Chamber of Commerce.

“Security should not be viewed as a technology problem; it needs to be viewed as a business problem. If companies take a more proactive approach to security, they mitigate issues related to cyber risk,” said Kevin Mahaffey, co-founder and CTO at Lookout. “We’re happy to collaborate with Attorney General Harris to identify the steps businesses can take to improve their security practices -- for companies of all sizes.”

Key Recommendations for small business owners:

• Assume you are a target and develop an incident response plan now.
• Review the data your business stores and shares with third parties including backup storage and cloud computing. Once you know what data you have and where it is, get rid of what is not necessary.
• Encrypt the data you need to keep. Strong encryption technology is now commonly available for free, and it is easy to use.
• Follow safe online practices such as regularly updating firewall and antivirus software on all devices, using strong passwords, avoiding downloading software from unknown sources and practicing safe online banking by only using a secure browser connection.

In 2003, California was the first state to pass a law (AB 700) mandating data breach notification, which requires businesses and state agencies to notify Californians when their personal information is compromised in security breach. In 2012, companies and state agencies subject to the law were required for the first time to report any breach that involved more than 500 Californians to the Attorney General’s Office (SB 24). That first year, The Attorney General’s office received reports of 131 data breaches, which placed the personal information of an estimated 2.5 million Californians at risk. More information is available here: http://oag.ca.gov/news/press-releases/attorney-general-kamala-d-harris-releases-report-data-breaches-25-million

Attorney General Harris created the eCrime Unit in 2011 to identify and prosecute cyber crimes such as hacking, theft of intellectual property, identity theft, on-line fraud and extortion and identity theft. Attorney General Harris also established the office’s Privacy Enforcement and Protection Unit in 2012 to enforce federal and state privacy laws regulating the collection, retention, disclosure, and destruction of private or sensitive information by individuals, organizations, and the government.

LOS ANGELES -- Attorney General Kamala D. Harris today announced the arrest of the alleged owner and operator of a revenge porn website who facilitated the posting of more than 400 sexually explicit photos of Californians and extorted victims for as much as $250 each to remove the illicit content.

Casey E. Meyering, 28, of Tulsa, Oklahoma was arrested yesterday in Tulsa by agents with the California Attorney General’s eCrime Unit, the Rohnert Park Department of Public Safety and the Tulsa Police Department. The Attorney General’s Office is seeking a Governor's warrant for Meyering’s extradition to California, and he remains in custody pending the extradition hearing. According to documents filed in Napa County Superior Court, Meyering has been charged with 5 felony extortion counts.

“This behavior is the very definition of predatory and this website made a game out of humiliating victims for profit,” Attorney General Harris said. “These actions at their core are about one individual exploiting the privacy and trust of others for financial gain. We will continue to investigate and prosecute those who participate in these deplorable and illegal activities.”

Court documents allege that in 2013, Meyering owned and administered the website WinByState.com, which solicits the anonymous, public posting of private photographs containing nude and explicit images of individuals without their permission. Commonly known as revenge porn, the photos maybe obtained consensually by the poster during a prior relationship, or are stolen or hacked.

The investigation into WinByState.com began when a Northern California hacking victim discovered nude photos of herself on this site that had been stolen from her computer, according to court documents. Described as “a user supported website where you can trade your ex-girlfriend, your current girlfriend, or any other girl that you might know,” WinByState.com solicited uploaders to identify their “wins” according to city and state, sometimes using the victim’s complete or partial name. There were over 400 postings in the California forum, and at least one victim was under 18 at the time the photographs were taken, according to court documents.

Court documents also allege that WinbyState.com required victims to pay $250 via a Google Wallet account to remove posted photographs. The account was named TakeDownHammer, and was registered to Meyering at a non-existent Beverley Hills storefront. Law enforcement agents purchased a “takedown” for one the victims in Napa, and traced the funds to Meyering’s bank account in Tulsa, where surveillance footage from the bank identified him withdrawing money from the account.

The California Attorney General’s Office is currently working with GoDaddy.com to suspend the website pending the investigation and identification of additional victims.

In December of last year, Attorney General Harris announced the arrest of Kevin Christopher Bollaert, 27, of San Diego, who operated the revenge porn website ugotposted.com. He was charged with 31 felony counts of conspiracy, identity theft and extortion and is currently awaiting trial.

Attorney General Harris created the eCrime Unit in 2011 to identify and prosecute identity theft crimes, cybercrimes and other crimes involving the use of technology.

Individuals who feel they are victims of WinByState.com or other revenge porn websites should file a complaint with the California Attorney General’s office here: https://oag.ca.gov/contact/consumer-complaint-against-business-or-company.

Please note that a complaint contains only allegations against a person and, as with all defendants, Casey E. Meyering, must be presumed innocent unless and until proven guilty.

SAN FRANCISCO -- Attorney General Kamala D. Harris today announced the arrest of the alleged owner and operator of a revenge porn website who facilitated the posting of more than 10,000 sexually explicit photos and extorted victims for as much as $350 each to remove the illicit content.

“This website published intimate photos of unsuspecting victims and turned their public humiliation and betrayal into a commodity with the potential to devastate lives,” Attorney General Harris said. “Online predators that profit from the extortion of private photos will be investigated and prosecuted for this reprehensible and illegal internet activity.”

Kevin Christopher Bollaert, 27, of San Diego, was arrested today in San Diego by California Department of Justice agents and is being held in San Diego County jail on $50,000 bail. According to documents filed in San Diego County Superior Court, Bollaert has been charged with 31 felony counts of conspiracy, identity theft and extortion and is facing possible jail time and fines.

Court documents allege that, in December 2012, Bollaert created the website ugotposted.com, which allows the anonymous, public posting of private photographs containing nude and explicit images of individuals without their permission. Commonly knows as revenge porn, the photos are typically obtained consensually by the poster during a prior relationship or are stolen or hacked. Unlike many other revenge porn websites where the subject of the photos is anonymous, ugotposted.com required that the poster include the subject’s full name, location, age and facebook profile link.

California Penal Code sections 530.5 and 653m (b) make it illegal to willfully obtain someone’s personal identifying information, including name, age and address, for any unlawful purpose, including with the intent to annoy or harass.

Court documents also allege that Bollaert created a second website, changemyreputation.com, in October 2012, which he used when individuals contacted ugotposted.com requesting that content be removed from the site. Bollaert would allegedly extort victims by replying with a changemyreputation.com email address and offering to remove the content for a fee ranging from $299.99 to $350, which could be paid using an online PayPal account referenced in the emails. Ballaert allegedly told investigators, according to court documents, that he made around $900 per month from advertising on the site and records obtained from his changemyreputation.com PayPal account indicate that he received payments totaling tens of thousands of dollars.

According to court documents, ugotposted.com’s registration listed a billing address in San Diego, CA.

The arrest comes after a six-month investigation by the California Attorney General’s eCrime unit.

Attorney General Harris created the eCrime Unit in 2011 to identify and prosecute identity theft crimes, cybercrimes and other crimes involving the use of technology.

Individuals who feel they are victims of ugotposted.com or other revenge porn websites should file a complaint with the California Attorney General’s office here: https://oag.ca.gov/contact/consumer-complaint-against-business-or-company.

Please note that a complaint contains only allegations against a person and, as with all defendants, Kevin Christopher Bollaert, must be presumed innocent unless and until proven guilty. 

A copy of the complaint and arrest warrant are attached to the electronic version of this release here: https://oag.ca.gov/news.

SAN FRANCISCO -- Attorney General Kamala D. Harris today joined San Francisco Mayor Ed Lee and San Francisco Police Chief Greg Suhr to launch the California Department of Justice’s JusticeMobile app.

JusticeMobile is a mobile app that gives law enforcement agents, for the first time, secure and immediate access to state and federal criminal justice information. Until now, officers have had to use a phone or radio to contact personnel to obtain this information.

JusticeMobile was tested over the past five months by more than 600 San Francisco Police Department (SFPD) officers. Now, JusticeMobile is being rolled out to all SFPD officers, giving them access to internal SFPD, California DOJ and federal law enforcement databases. Justice Mobile will soon be available to law enforcement agencies across the state. The Los Angeles Police Department plans to equip 3,600 officers with the technology.

“We have mobile apps for everything from banking to board games on our phones. But, incredibly, law enforcement hasn’t had the tools to access important criminal justice information on handhelds and tablets until now,” said Attorney General Harris. “JusticeMobile is a quantum leap forward for public and peace officer safety, and it demonstrates our commitment to facilitating the adoption of new technology by law enforcement. I thank Mayor Lee and Chief Suhr for their partnership on this important project.”

In San Francisco, the Attorney General’s office partnered with SFPD’s Technology Division, the Mayor’s Office and technology companies through the San Francisco Citizens Initiative for Technology and Innovation (sf.citi).

“San Francisco’s men and women in uniform need 21st Century tools to keep our city safe,” said Mayor Lee. “This is a game changer. Under the leadership of Attorney General Harris, SFPD and sf.citi, the JusticeMobile smartphones give officers on the streets instant access to law enforcement data where information in real time counts. The City’s violent crime rates are now at historic lows and implementing innovative crime prevention strategies like this will help keep San Francisco as one of the safest big cities in America.”

“Talk about loving when a plan comes together, and I want to acknowledge the vision of Mayor Lee, Attorney General Kamala D. Harris, the Police Commission, and sf.citi in moving this initiative forward,” said SFPD Chief Greg Suhr. “That vision, coupled with the tenacity of SFPD CIO Susan Giffin and her award winning team, San Francisco will be a safer place because it’s a smarter place. This is the force multiplier SFPD has been working toward. In this case, some of San Francisco’s finest citizens came together to give ‘San Francisco’s Finest’ a 21st century tool that will go a long way towards making the City the safest big city in the country.”

JusticeMobile employs many rigorous security standards, including: strong password requirements, a Virtual Private Network requiring two-factor authorization, encryption, limits on downloads and backup/syncing, and prohibiting copying or screen captures.

JusticeMobile is also being used on a pilot basis to keep illegal firearms out of the hands of dangerous criminals. DOJ agents are using JusticeMobile on their iPads to check potential gun buyers at weekend firearms shows in California, by checking names against the Bureau of Firearms Armed Prohibited Persons (APPS) database. Previously, agents were able to run only 20 individuals against the APPS list at a weekend gun show. Now, using JusticeMobile on iPads, agents are running 80 individuals, an increase of 300 percent.

Images showing how the app works are attached to the electronic version of this release at: https://oag.ca.gov/news

SAN FRANCISCO -- Attorney General Kamala D. Harris today announced criminal charges and the arraignment of three brothers who face up to five years in prison for operating an illegal website that allowed users to watch bootleg versions of copyrighted television shows and movies.

Hop Hoang, 26, Tony Hoang, 23, and Huynh Hoang, 20, all brothers, were arraigned in Alameda County Superior Court on Thursday, June 13 for allegedly operating the website mediamp4.com which allowed users to illegally stream more than 1,000 copyrighted television and movie titles on computers and mobile devices. The three have each been charged with one count of conspiracy, four counts of receiving stolen property and one count of grand theft.

“Digital piracy is theft. It is a serious crime that harms one of California’s most important economic engines – our entertainment industry,” said Attorney General Harris. “This case sends a clear message that the California Department of Justice will investigate digital piracy and prosecute violators to the fullest extent of the law.” 

The Motion Picture Association of America (MPAA) initially began an investigation into iphonetvshows.net and movieiphone.net and sent a cease and desist letter to Tony Hoang. Thereafter, Tony Hoang and his co-defendant brothers allegedly resumed the illegal operation under a new domain name, mediamp4.com.  The Attorney General’s office then initiated an investigation into mediamp4.com, executed a search warrant, seized property used in connection with the illegal operation and filed charges against the Hoang brothers.

“The MPAA deeply appreciates the leadership of Attorney General Harris and her office in helping to combat websites that illegally profit from the creative content produced by the men and women of the American movie and television community,” said former Senator Chris Dodd, the MPAA’s CEO and Chairman.  “There are now nearly 80 legal online services in the United States dedicated to providing movies and television shows to viewers.  But to realize the enormous potential of these businesses and ensure an Internet that works for everyone, it is critical that government, content creators, the tech community and others work together to stop illegal rogue sites.”

Over the 18 months of the website’s operation, the brothers earned approximately $150,000 in advertising revenue. Hop Hoang allegedly confirmed that the brothers generated traffic to the website through Google search ads.

Subscribers could illegally access television shows like “How I Met Your Mother,” along with films such as “Black Swan,” “Tangled” and “Harry Potter and the Deadly Hallows Part 1.”

The investigation was conducted by the eCrime Unit of the California Attorney General’s Office, California Highway Patrol, and REACT, a law enforcement task force located in Santa Clara, CA specializing in investigating technology crimes and identity theft. The Attorney General’s eCrime Unit conducted the forensic analysis of the computer seized during a search and is prosecuting the case.

In 2011, Attorney General Harris created the eCrime Unit to identify and prosecute identity theft crimes, cybercrimes and other crimes involving the use of technology.

The charges in the complaints are only allegations, and the defendants are presumed innocent until and unless they are proven guilty beyond a reasonable doubt.

LOS ANGELES -- Attorney General Kamala D. Harris today filed lawsuits against two international apparel manufacturers for gaining an unfair competitive advantage over American companies by using pirated software in the production of clothing imported and sold in California.

The companies, based in China and India, did not pay licensing fees for software, including products manufactured by Adobe, Microsoft, Symantec and others. The complaints allege that the foreign apparel manufacturers who have not paid software licensing fees have a significant cost advantage in the low-margin business of apparel manufacturing, shipment and sales.

“Companies across the globe should be on notice that they will be held accountable in California for stealing our intellectual property,” Attorney General Harris said. “This is an anticompetitive practice which harms our state’s economy and is illegal. These lawsuits go after overseas companies whose unlawful actions are eroding California’s garment industry and placing California companies who legally pay for computer software at a disadvantage.”

The lawsuits, filed in Los Angeles County Superior Court, charge Pratibha Syntex Ltd. of India and Ningbo Beyond Home Textile Co. Ltd., and its sister companies, of China with violating California’s Unfair Competition Law. Since 2010, the Ningbo Companies shipped approximately 713,000 pounds of apparel products into California. Pratibha has shipped more than 19,000 pounds into the state.

Ningbo Beyond Group exports men’s suits, blazers, coats and jackets, as well as fleece cargo pants, fleece jackets and caps to California. Pratibha Syntex exports women’s cotton tops and other clothes for men, women, and children.

The complaints also allege that these companies obtain an unfair advantage because they can redirect money saved by using pirated software to hire employees and to expand their facilities and their research and development efforts. Furthermore, American companies that are developing software, particularly software that is used in the garment industry, are discouraged from investing in new technology and products if they know their software will be used illegally.

California’s apparel manufacturers, which are largely based in Los Angeles County, employed more than 58,000 people last year and generated more than $5 billion in annual revenues since 1990. In 2010, the industry employed 40,872 workers in Los Angeles County, which accounts for nearly 70 percent of the industry’s workforce in the state.

A study by the Orange County Business Council found that California has lost nearly 400,000 manufacturing and technology jobs over the past decade to countries where piracy rates are as high as 80 percent. This activity has resulted in a loss of $1.6 billion in economic activity and $700 million in tax revenue for California.

The complaints are attached to the online version of this release at http://oag.ca.gov/news.

SACRAMENTO -- Attorney General Kamala D. Harris today announced that the California Department of Justice has been awarded a prestigious federal grant to assist state law enforcement officials in addressing intellectual property crime.

The $200,000 grant will be used to investigate and prosecute intellectual property crimes such as piracy and for the development of training programs for California law enforcement officials and prosecutors to improve the investigation and prosecution of intellectual property theft.

Intellectual property crime is the taking of someone’s idea, such as music, a logo or a unique name, as well as the theft of any profitable new way of doing something. In recent years, intellectual property crime has shifted from the selling of goods in public places to the selling of Internet-based products.

"As technology continues to develop rapidly, thieves have moved their illegal activities to computers and the Internet," said Attorney General Harris. "This grant will support my goal of being at the forefront of investigating these crimes and assuring that law enforcement officials throughout the state are well-equipped to bring those involved in intellectual property crimes to justice."

Pirated intellectual property was once only available as a hard good – like a counterfeit DVD or Louis Vuitton bag that was only available on a street corner or at a swap meet. Now these goods are available at on-line market places or available on-line as a download. In these cases, revenue is generated not only from the sale of the pirated material, but also the advertising revenue generated by the Internet traffic that trades or views their stolen goods.

"California’s economy thrives on the intellectual property of artists, creators, inventors, authors, software designers, engineers and so many other innovators," Harris said. "It is critical in California that we protect their creations from theft, misappropriation and counterfeiting."

Because traditional law enforcement jurisdictions do not exist on the Internet, it has grown increasingly difficult for law enforcement officials to determine which agencies are responsible for investigating Internet-based intellectual property crime.

The Department of Justice’s eCrime Unit applied for the $200,000 federal grant to help fund the California Intellectual Property Theft Enforcement Program.

Last year, Attorney General Harris created the eCrime Unit to identify and prosecute identity theft crimes, cybercrimes and other crimes involving the use of technology.

For additional information on intellectual property crime please visit: http://oag.ca.gov/ecrime.

SANTA CRUZ -- Attorney General Kamala D. Harris today announced that Michael Anthony Gomez, Jr., 55, of Capitola, was sentenced in Santa Cruz Superior Court on Friday to 16 months in jail after pleading guilty to one count of selling pirated software.

As required by statute, the court ordered Gomez to forfeit any devices used to manufacture, reproduce, transport or assemble the counterfeit goods. He surrendered his computer to the California Department of Justice so it can be refurbished and donated to an appropriate local charity.  Gomez also agreed to pay restitution in the amount of $5,000 to AutoDesk and between $200-800 to each of the additional four victims.

“The sale of pirated software defrauds both the users and the developers of the programs, and undermines the strong technology-based segment of California’s economy,” said Attorney General Harris. “The eCrime Unit focuses on crimes involving technology, from piracy to identity theft, and I applaud their professionalism and success in securing this conviction.”

Gomez is alleged to have used Craigslist to sell illegally pirated versions of software programs, including Final Cut Studio III, Microsoft Office for Mac, Rosetta Stone Spanish and Mandarin, AutoDesk Revit and Filemaker 12.  These products retail for up to thousands of dollars, but he sold them for substantially less than the suggested retail prices.

The case was prosecuted by the Attorney General’s eCrime Unit and investigated by the Northern California Computer Crimes Task Force (NC3TF). The task force has its main office in Napa County and is one of five inter-agency Computer Crimes Task Forces in California. eCrime Unit prosecutors are assigned to all five task forces.

In April 2012, Gomez was contacted by an investigator with the NC3TF, who observed a post on Craigslist that offered for sale a copy of the program AutoDesk Revit.  On or about April 10, Gomez agreed to sell a 2013 version of the program for $50. Its suggested retail price is $5,000.

Gomez mailed the investigator a DVD containing a version of the program, but it would not load.  Gomez later provided the investigator with a software patch to ensure the program would function.  Properties embedded in the program indicated it was a copy downloaded from the Internet and then burned onto the DVD.

Gomez was charged with Counterfeit of a Registered Trademark Penal Code section 350(a) (2), a felony, as well as four counts of Counterfeit of a Registered Trademark.  Gomez was arrested on July 10.

Gomez is on probation for a 2010 conviction of previously selling pirated software.

In addition to the jail sentence and restitution, Gomez is restricted from having a computer or Internet access for three years. He forfeited his computer equipment to the Attorney General’s office and it will be donated for non-profit and charitable use.

This case was prosecuted by Deputy Attorney General Johnette Jauron of the eCrime Unit.  Attorney General Harris created the eCrime Unit in 2011 to identify and prosecute identity theft crimes, cyber crimes and other crimes involving the use of technology. More information available here: http://oag.ca.gov/cybersafety.

SANTA CRUZ -- Attorney General Kamala D. Harris today announced that bail has been set at $50,000 in the case of Michael Anthony Gomez, Jr., 55, of Capitola, who was charged in Santa Cruz Superior Court with five charges of selling pirated software.

“Illegally selling pirated software rips off both consumers and developers of the programs, and undermines the strong technology-based segment of California’s economy,” said Attorney General Harris. “Criminals are moving their crimes online, and law enforcement must embrace innovation to counter this emerging threat.”

Gomez is alleged to have used Craigslist to sell illegally pirated versions of software programs, including Final Cut Studio III, Microsoft Office for Mac, Rosetta Stone Spanish and Mandarin, AutoDesk Revit and Filemaker 12.  These products retail for up to thousands of dollars, but he sold them for substantially less than the suggested retail prices.

The case is being prosecuted by the Attorney General’s eCrime Unit and was investigated by the Northern California Computer Crimes Task Force (NC3TF). The task force has its main office in Napa County and is one of five inter-agency Computer Crimes Task Forces in California. eCrime Unit prosecutors are assigned to all five task forces.

In April 2012, Gomez was contacted by an investigator with the NC3TF, who observed a post on Craigslist that offered for sale a copy of the program AutoDesk Revit.  On or about April 10, Gomez agreed to sell a 2013 version of the program for $50. Its suggested retail price is $5,000.

Gomez mailed the investigator a DVD containing a version of the program, but it would not load.  Gomez later provided the investigator with a software patch to ensure the program would function.  Properties embedded in the program indicated it was a copy downloaded from the Internet and then burned onto the DVD.

Gomez was charged with Counterfeit of a Registered Trademark Penal Code section 350(a) (2), a felony, as well as four counts of Counterfeit of a Registered Trademark.  He pled not guilty to all charges.  Gomez was arrested on July 10 and a preliminary hearing on the charges is set for July 23.

Gomez is on probation for a 2010 conviction of previously selling pirated software.

This case is being prosecuted by Deputy Attorney General Johnette Jauron of the eCrime Unit.  Attorney General Harris created the eCrime Unit in 2011 to identify and prosecute identity theft crimes, cyber crimes and other crimes involving the use of technology. More information available here: http://oag.ca.gov/cybersafety.

SAN FRANCISCO -- Attorney General Kamala D. Harris today announced that Facebook has become the seventh company to sign the Joint Statement of Principles to strengthen privacy protections for consumers around the world who use online applications on their smartphones, tablets and other electronic devices. The agreement extends the reach of California’s privacy protections beyond mobile apps to include social apps in Facebook’s App Center, which are used daily by millions of consumers. Among other protections, the agreement seeks to improve compliance with California law requiring apps that collect personal information to have a privacy policy.

“Consumers deserve to be able to make informed choices about how much personal information they want to share with others when using social apps,” said Attorney General Harris. “We are delighted that Facebook has joined Amazon, Apple, Google, Hewlett-Packard, Microsoft, and Research in Motion to provide consumers with greater control and information about how their personal data is used.  We need to protect privacy while we foster innovation.”

In a letter to Attorney General Harris released today, Facebook wrote “…we hope that you will consider us a signatory to the Joint Statement.” Facebook joins an agreement that was first announced in February when Amazon.com Inc., Apple Inc., Google Inc., Hewlett-Packard Company, Microsoft Corporation, and Research in Motion Limited all signed on to a Joint Statement of Principles. 

In the letter, Facebook’s Chief Privacy Officer Erin M. Egan wrote, “As you know, the Joint Statement’s principles embodied essential protections for Californians and others who use mobile apps by encouraging companies that provide mobile app markets to give developers the ability to provide a link to their privacy policies and to display those links along with other app details….As we built the App Center, we were guided by the principles contained in the Joint Statement.”

Starting in 2011, Attorney General Harris worked with Amazon, Apple, Google, Hewlett-Packard, Microsoft, and Research In Motion to forge the Joint Statement to ensure that emerging online technologies such as mobile apps comply with California’s Online Privacy Protection Act (Simitian, 2004).  The Act requires operators of commercial web sites and online services, including mobile and social apps, who collect personally identifiable information about Californians to conspicuously post a privacy policy.  The posting of a privacy policy promotes transparency and provides consumers with more informed control over their personal information. Today’s agreement recognizes the Facebook App Center’s role as a clearinghouse for a variety of social apps.

A letter from the Attorney General’s Office to Facebook said, “California law requires all operators of commercial web sites and online services, including mobile and social apps, who collect personally identifiable information about Californians to conspicuously post a privacy policy.  We are very pleased that Facebook has incorporated the Principles into the design of the App Center and that Facebook requires, as a condition of participating in the App Center, that developers submit a link to a privacy policy.  We are also pleased to see that Facebook is prominently displaying the link to an app’s privacy policy in the App Center, and is implementing a means to report and remediate privacy issues.”

In addition to signing the Joint Statement, Facebook will participate in a multi-stakeholder Advisory Group on Mobile Privacy Practices that the Attorney General’s Office and the California Office of Privacy Protection have convened to develop best practices for mobile privacy generally and to develop model mobile privacy policies in particular.

Copies of both letters are attached to the electronic version of this release at: http://oag.ca.gov/news

The February 2012 press release announcing the apps agreement can be found here: http://oag.ca.gov/news/press-releases/attorney-general-kamala-d-harris-secures-global-agreement-strengthen-privacy