California Attorney General Discovers Mobile Apps – Alert the Media!

Yes I know this is old news, but bear with me.  This is commentary, or muckraking or yellow journalism – you decide.  In any event, we’ll call this muck-blogging from here on out.  

The Attorney General of the State of California recently announced an initiative regarding the application of the California Online Privacy and Protection Act to mobile apps.  (The FTC did something similar, but we’ll get to them another time.)  Pretty much every law firm with more than 150 lawyers wrote some kind of notice to clients about it.  I wrote one too.  You can find it here:

You’ll see my notice is a very serious lawyer thing for very serious lawyer.  But here in Big Data and the Law we have a forum in which we can be less circumspect. 

On with the muck-blogging.

Waking up to the existence of mobile apps is great.  It’s too bad that this California thing doesn’t have much of a relationship with reality.  It’s just about disclosure, and that’s the problem

Let’s start with the physical realities.  Mobile devices are too small to be a vehicle for meaningful disclosure.  In fairness, the Attorney General did note this as a problem in Privacy on the Go; Recommendations for the Mobile Ecosystem published by California. 

You can find it here:


In there you will find that the closest thing to a solution to the screen size problem is a suggestion about using a link to a full privacy policy.  Get your mobile out, find an Amazon app, work your way to the Amazon privacy policy and read through it on your mobile.  Let me know what you think.  Keep in mind that Amazon was one of the participants in the development of this California thing.

This brings us to the two biggest disconnects between the Attorney General and reality.

1.         No one is going to read the privacy policies the Attorney General wants disclosed.

Writing terms and conditions of use and privacy policies is part of my practice.  I am under no illusion that anybody has ever read a word of the ones I have drafted. 

2.         There is no reason for people to waste their time reading a mobile app privacy policy.

We can’t negotiate with our mobile devices any more effectively than we’ve been negotiating with our laptop and desk side computers for the past umpteen years. 

The Attorney General seems to believe that, once we are all fully informed about app vendor information practices, we’ll be able to make choices among apps that are based on differences in those information practices – in her words, “meaningful choices.”

My mobile device gives me three choices if I want to use a location service:

Verizon Wireless

By selecting “VZW location services”, you are enabling Verizon Wireless and third party authenticated and validated location services to access certain location information available through this device and/or the network.

Google Location Services

Allow Google’s location service to collect anonymous location data.  Some data may be stored on your device.  Collection may occur even when no apps are running.

Standalone GPS Services

By selecting “Standalone GPS services”, you are enabling access to all location information by any third party through web access or any software or peripheral components you chose to install, download, add or attach to the device or any other means.  Enabling this functionality could pose certain risks to users of this device.

My choice is to take it or leave it. 

Disclosure, by itself, is not going to get it done.

Thursday we’ll have more on that problem.

This entry was posted in Big Data, Policy, Privacy and tagged , , . Bookmark the permalink.