Attorney General Kamala D. Harris Launches New Tool to Help Consumers Report Violations of California Online Privacy Protection Act (CalOPPA)
Part of Multi-Pronged Effort to Improve Online Privacy and Increase Compliance with CalOPPA
SAN FRANCISCO -- Today, Attorney General Kamala D. Harris announced the release of an online form to help consumers report websites, mobile applications, and other online services that are in violation of the California Online Privacy Protection Act (CalOPPA). A website or app operator may violate CalOPPA by failing to post privacy policies or posting incomplete or inadequate policies. This new form is one of several initiatives Attorney General Harris is undertaking to protect Californians’ privacy, especially in light of technological advances and the growth of the “internet of things.” The form is available at https://oag.ca.gov/reportprivacy.
“In the information age, companies doing business in California must take every step possible to be transparent with consumers and protect their privacy,” said Attorney General Harris. “As the devices we use each day become increasingly connected and more Americans live their lives online, it’s critical that we implement robust safeguards on what information is shared online and how. By harnessing the power of technology and public-private partnerships, California can continue to lead the nation on privacy protections and adapt as innovations emerge.”
In 2011, the Future of Privacy Forum (FPF) conducted a study which found that many mobile apps were missing privacy policies, prompting the Attorney General to secure a first-of-its-kind agreement with the leading mobile application platforms, including Apple, Google Play and Amazon, to improve compliance; this agreement was later expanded to include Facebook. As a part of her continued commitment to privacy, Attorney General Harris directed her office to conduct a five-year review on mobile app compliance with CalOPPA and commissioned the FPF to conduct a new study of the top 100 mobile apps. In addition, the Attorney General’s office is collaborating with computer scientists at Carnegie Mellon University to review apps in the Google Play store for compliance with the law and consulting with privacy experts, designers, and researchers to assess the effectiveness of CalOPPA and the “Do Not Track” legislation, which was sponsored by Attorney General Harris.
Attorney General Harris has a long track record of encouraging innovative and growth while protecting consumers’ privacy online. Earlier this week, she announced a new initiative—the California Cyber Crime Center—to help law enforcement fight crime in the digital era. The center includes the California Department of Justice’s Privacy Enforcement and Protection Unit, which Attorney General Harris created in 2012. The Unit is responsible for enforcing state and federal privacy laws, providing Californians with information and strategies on how to protect their privacy, and encouraging businesses to follow best protection practices. Throughout her administration, the Attorney General has prosecuted and reached settlements with major corporations including Anthem Blue Cross, Citibank, Kaiser, Comcast, Houzz and Wells Fargo Bank for violating California’s privacy protection standards. Attorney General Harris has also released numerous consumer alerts to help Californians, including alerts on how to adjust the location settings on your mobile phone and protect against identity theft, as well as consumer information sheets on a broad range of privacy issues.
Attorney General Harris is also strongly committed to data security, safeguarding consumers’ sensitive online information. In February, Attorney General Harris released a data breach report detailing the nature of reported breaches in the last four years, accompanied by recommendations for business and lawmakers including pointing to standards regarding “reasonable security” for protecting personally identifiable information. The office recently conducted a set of workshops for small businesses in conjunction with security experts from the Center for Internet Security.