United Continental Holdings Inc., Delta Air Lines Inc. and OpenTable Inc. are among companies in violation of a California protocol governing mobile applications for failing to conspicuously post their privacy policies, a person familiar with the matter said.
Companies using as many as 100 mobile apps were told in letters sent Oct. 29 by California Attorney General Kamala Harris that they have 30 days to make their privacy policies readily accessible to consumers of their online services, said the person, who declined to be identified because the matter isn’t public. In a statement yesterday, Harris didn’t include the names of the companies her office has contacted.
“Protecting the privacy of online consumers is a serious law enforcement matter,” Harris said in an e-mailed statement. “We have worked hard to ensure that app developers are aware of their legal obligations to respect the privacy of Californians, but it is critical that we take all necessary steps to enforce California’s privacy laws.”
United is “taking all steps necessary and appropriate to ensure compliance with California law as it relates to our mobile app,” United spokeswoman Mary Clark said in an e-mail.
Chris Kelly, a spokeswoman for Atlanta-based Delta, said in an e-mail that the company will to provide the information Harris requested.
California is the only state to require privacy policies for mobile applications as well as websites, Chris Conley, a technology lawyer at the American Civil Liberties Union in San Francisco, said in a phone interview. Consumers are becoming more aware of which apps collect personal information, he said.
“As people become more concerned about how much information is on a smartphone -- about their location, about their contacts, about their shopping -- I think people will pay more attention to applications’ policies in terms of what they collect, how they use it, what they retain and how they share this data,” Conley said.
Companies face penalties of as much as $2,500 for each download of an application violating the law, according to a copy of the letter Harris sent to the companies. The letter directs the companies to explain within 30 days their “specific plans and timeline to comply” with the law, or why the application isn’t covered by it.
Tiffany Fox, a spokeswoman for San Francisco-based OpenTable, an online service that books restaurant reservations, didn’t immediately return a call seeking comment on the attorney general’s communications.