Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy Your Rights Online

California AG Gives App Developers 30 Days To Post Privacy Notice 108

Trailrunner7 writes "California Attorney General Kamala D. Harris today announced a crackdown on mobile application developers and companies that haven't posted privacy policies, at least where users can easily find them. The attorney general is giving recipients 30 days 'to conspicuously post a privacy policy within their app that informs users of what personally identifiable information about them is being collected and what will be done with that private information,' according to a prepared statement. A sample letter defines the issue at hand. 'An operator of a mobile application ("app") that uses the Internet to collect PII is an "online service" within the meaning of CalOPPA. An app's commercial operator must therefore conspicuously post its privacy policy in a means that is reasonably accessible to the consumer. Having a Web site with the applicable privacy policy conspicuously posted may be adequate, but only if a link to that Web site is "reasonably accessible" to the user within the app.'"
This discussion has been archived. No new comments can be posted.

California AG Gives App Developers 30 Days To Post Privacy Notice

Comments Filter:
  • by Nerdfest ( 867930 ) on Wednesday October 31, 2012 @07:55AM (#41829109)

    Why treat mobile apps as a special case? All software applications, client-side or web based should be treated the same way.

    • Not sure, but I guess that the reason is that you have a special chapter in your lawbooks regarding mobile phones, and a separate one regarding the internet?
      Even though the mobile apps are essentially just a piece of software, it needs to be put into the right lawbook to have an effect in the right way. Bureaucracy, you know.

      There was a time when it was easy to distinguish between a phone and a computer, and completely different laws applied. That has changed now, but the lawbooks may still lag behind a lit

      • Not sure, but I guess that the reason is that you have a special chapter in your lawbooks regarding mobile phones, and a separate one regarding the internet?

        You could guess that, or you could RTFA -- or even RTFS -- and see that the law applies to all "online services", and the mobile apps that have been the subject of the recent round of notifications were singled out not because they were "mobile apps", but because they were online services within the meaning of the law and weren't following the rules

    • Re:Mobile (Score:4, Informative)

      by demonbug ( 309515 ) on Wednesday October 31, 2012 @10:31AM (#41830719) Journal

      Why treat mobile apps as a special case? All software applications, client-side or web based should be treated the same way.

      They aren't treated as special cases. The rules apply to any online applications, which includes pretty much all mobile apps. It's just that mobile app makers have been very poor at following the rules, likely because so many of them are small fly-by-night companies that don't have a legal department telling them what they are supposed to be doing. So 100 companies get notices that they need to have privacy policies posted, it gets splashed all over the news, and hopefully this will wake the others up to the fact that they need to be doing this just like the big boys.

    • Why treat mobile apps as a special case? All software applications, client-side or web based should be treated the same way.

      Because everybody* has a smartphone.

      * "that matters"

    • Why treat mobile apps as a special case?

      They aren't. The law, as explained in TFS, applies to all "online services".

  • by concealment ( 2447304 ) on Wednesday October 31, 2012 @07:57AM (#41829127) Homepage Journal

    Instead of attaching a sample compliance letter, why didn't the AG attach a sample privacy policy and open source it so that developers can use it?

    Pasting in a generic document is much more likely to happen than all those app developers running out and hiring lawyers, so she will either get lower compliance or shoddier privacy policies.

    Is it too much to ask that government take the lead in this case? I can't imagine it costs the AG anything, since that office hires a staff of lawyers.

    • by emj ( 15659 )

      What's needed is something like that Terms of Service did not read [tos-dr.info], with easy bullet points telling you just how evil this app is, sure ToS and privacy policies aren't exactly the same thing. This was discussed on slashdot [slashdot.org] last week.

      • There's a lot of pushback against bullet points, with people talking about "The Power Point effect," where somehow reading a lot of bullet points turn ordinary people into morons. I'm with you -- I think whatever works to make the simplest and clearest communication is best. Going to the level of memes might be taking it too far, but no one's suggest that yet thankfully.

        • Let's see (Score:4, Funny)

          by SmallFurryCreature ( 593017 ) on Wednesday October 31, 2012 @09:48AM (#41830295) Journal
          • There's a lot of pushback against bullet points:
            • people talking about "The Power Point effect,"
               
            • where somehow reading a lot of bullet points turn ordinary people into morons.
          • I'm with you --
            • I think whatever works to make the simplest
            • clearest communication is best.
          • Going to the level of memes might be taking it too far, but no one's suggest that yet thankfully.
        • the problem is that Power Point Bullets do not have a large enough Caliber (or the person doing the Power Point was not threatened with Bullets of a large enough Caliber)

          the best way to prevent the PPE is to act as if you need to travel by Air with actual Bullets (and a matching FireArm of course)

          1 DO NOT JUST READ THE SLIDES
          2 have roughly an index card worth of info on each slide (not counting what you are just stating)
          3 don't get "cute" with your transitions/embedded media
          4 limit yourself to maybe a dozen

    • Bureaucrats are incredibly lazy.
    • by Sarten-X ( 1102295 ) on Wednesday October 31, 2012 @08:20AM (#41829331) Homepage

      Why didn't the AG attach a sample? Because it's a silly idea.

      This is a legal document, probably differing for every case, and the point in requiring it is to make developers take a hard look at what information they access and how they use it. Rubber-stamping a boilerplate lets developers say they have a privacy policy, but it doesn't actually encourage any increase in privacy until somebody's sued over it. Once that happens, there will be a few developers who think about privacy, but most won't even know the case happened.

      Like most legal documents, you usually don't actually need a lawyer to write it. You may need a lawyer to make it bulletproof against other lawyers, but any statement is enough. You could drop in a note saying "This app doesn't intentionally collect any personally-identifiable information, and doesn't contact external services" and probably satisfy the needs of the law, assuming it's accurate. In the event of a lawsuit, though, that statement would cause a little trouble (and open up room for opposing lawyers to argue), because it doesn't define "personally-identifiable" or "external" adequately. Does a game ask for a name for a high-score list? Does it send usage reports or download updates from a developer's server?

      A lawyer could enumerate all the things the app does and doesn't do, in absolutely clear language, so there's no question where users' data goes, but for many apps (especially for those made without the intent of profit) that's unnecessary. Developers should already know how their program works, so they should be able to define one aspect of it.

      Disclaimer: IANAL, but I've had my share of dealings with them.

      • by concealment ( 2447304 ) on Wednesday October 31, 2012 @08:29AM (#41829433) Homepage Journal

        This is a legal document, probably differing for every case, and the point in requiring it is to make developers take a hard look at what information they access and how they use it.

        I disagree that it's going to be that different. If they need to list different data fields that will be retained, or change a length of time, they can edit the open-source document for their specific needs. But this gives them a template to work from which has all of the lawyerese perfected.

        I can't agree that the document will differ in every case. In my experience, the differences will be slight, and thus having an open source document would encourage programmers to adopt a general standard (like a community rule) for how they're going to approach privacy issues.

        The result would be a raising of the overall standard to that of the proposed document, which is why it's a good idea to have professionals write it and "promulgate" it.

        • by Sarten-X ( 1102295 ) on Wednesday October 31, 2012 @10:05AM (#41830457) Homepage

          A privacy policy shouldn't just be a checkbox on a compliance procedure. Like any policy, it should only be the result of careful consideration. Yes, eventually many developers will come to broadly the same conclusions, but the process of writing (and verifying) the policy conveys the importance it should have. The privacy policy is effectively a promise of what your app will or won't do, and if that promise is made just to save time, it likely won't mean anything to the person making it.

          Sure, there could be a Creative Commons-like system, where developers pick and choose what options they include. My concern is that by having an easy-to-make policy, the policy is also easy to forget. When a later version adds a new feature or advertisements, how likely is it that the long-forgotten privacy policy will be updated to match? If a legally-bulletproof blanket-permission policy can be made cheaply and easily, why not just apply that to all apps, regardless of the actual capabilities of the program?

      • A lawyer could enumerate all the things the app does and doesn't do, in absolutely clear language,...

        Clear language? Legalese is about as far from clear as one can get.

        • by Dog-Cow ( 21281 )

          Not to mention, but how exactly do you enumerate all the things your app doesn't do?

          • "No other personal information is collected" or other similar wordings will do nicely. If there's something that you know your app will never try to do, it can be listed as a reassuring gesture to the user.

            By the way, the link in your signature is broken.

            • by TuFur ( 1898944 )

              "No other personal information is collected" or other similar wordings will do nicely. If there's something that you know your app will never try to do, it can be listed as a reassuring gesture to the user.

              By the way, the link in your signature is broken.

              That works for apps off the various stores....But doesn't work for pre-installed bloatware the provider is running while you use your phone. Verizon is great for these apps. They crash your phone not releasing memory while your doing memory intensive activities. No App needs access to your cellular phone except to keep it from sleeping. Asking for contacts is bad programing and presentation....I'm seeing alot of this disappear from the Google apps. But Apple doesn't present rights to the end user....is it t

        • The reader's lack of education is not the author's fault.

          My opinion is that the problem of "legalese" stems not from obtuse writing, but rather from the lack of adequate reading comprehension skills in today's society. As printed language has become more common, literature has followed the common grammar into a more casual (but imprecise) tone. Schools, in appealing to modern culture, require less reading of older works in favor of modern literature. Where once a student would read The Canterbury Tales or M

          • by bmo ( 77928 )

            Where once a student would read The Canterbury Tales or Moby Dick, they now read Harry Potter or Twilight.
            that many now call Legalese.

            Legalese is not prose or poetry. It is not Chaucer, Shakespeare, Emerson, or Auster. It is closer to math than prose. While literary English hinges on "deeper meaning," legal English hinges on the logical operators of "and" "or" "not" and "nor" and punctuation. A single "and" instead of an "or" or "not" can change the entire meaning of a contract. Well written legal doc

            • Just a few hundred years ago, it was not uncommon for a document to break off into several lines of pure Latin, and then jump back into English again without any explanation. The abstruseness of legalese is deliberate for excluding the legally untrained and to justify high fees. Legalese is characterized by long sentences, many modifying clauses, complex vocabulary, high abstraction, and insensitivity to the layman's need to understand the document's gist.

              Here's one of my favorite jokes about legalese, bu

              • Note the differences in the statements you gave.

                “I give you this orange.”

                In this case, the giver is simply handing over a fruit. There is no indication of what the receiver is expected to do with it, whether it will be expected back, or whether it even is actually an edible orange. For all the receiver knows, taking the orange means he's just entered a common-law marriage with the giver's niece, mother, and cat.

                “Know all persons by these present that I hereby give, grant, release, convey, transfer and quitclaim all my right, title, interest, benefit and use whatsoever in, or and concerning this chattel, otherwise known as an orange, or citrus aurantium, together with all the appurtenances thereto of skin, pulp, pip, rind, seeds and juice to have and to hold the said orange, for his own use and behoof, to himself and his heirs, in fee simple forever, free from all liens, encumbrances, easements, limitations, restraints or conditions whatsoever, any and all prior deeds, transfer, or other documents whatsoever, now or anywhere made to the contrary notwithstanding, with full power to bite, cut, suck or otherwise eat the said orange or to give away the same, with or without its skin, pulp, pip, rind, seeds or juice.”

                Clarity at last! Let's break this down a bit...

                Know all persons by these present

                This is a public deal, and everybody watching is expected to know about it.

            • All very true. I did not mean to imply that prose or poetry would translate directly into a career as a lawyer, but rather that I feel schools simply don't focus enough on difficult works (and I generally find older works to have more difficult material). The goal in a literature class is to explore the deeper meanings and interpretations of literature. For that purpose, many modern works are fine (though I'm partial to science fiction, myself).

              What I bemoan is that there is never a class emphasizing readin

              • Our society has accepted that a fifth-grade reading level should be the defacto standard for most published works. Consumer oriented publications such as newspapers and magazines tend to be written to be easily read by someone with a fifth grade education. Such a level should be appropriate for any contract intended for a general audience. If you write for a specific audience you can use vocabulary that they will (or should) recognize, and sometimes it is more eloquent and precise to use a particular wor

                • by dgatwood ( 11270 )

                  I think it would be more precise to say that English has largely replaced Latin and Greek as the shared language of communication across cultures. Thus, in much the same way that someone native to Greece two hundred years ago did not need to know English to communicate with people in other countries, someone native to an English-speaking nation today need not learn Latin for that purpose except as an intellectual exercise.

          • by TuFur ( 1898944 )
            I remember finding out about forms during a DIY child custody. I turned to Nolo books and they had the boiler plate doc. The family judge signed it off in 10 mins...$500 lawyer fee saved. Since then, I've learned how much of our judicial system could be lawyer free. This only applied to a non-arguable situation. A trained mad hatter arguable individual is your friend in other situations....Melvin Beli was my favorite for beating a drunk driving complaint and giving up his driving license to win. Simple En
        • by dgatwood ( 11270 )

          Clear language? Legalese is about as far from clear as one can get.

          Apart from severability and choice of law/venue clauses, there should be almost no legalese in a privacy policy, for two reasons.

          • First, a contract requires a meeting of the minds. If your policy is so abstruse that one party doesn't actually understand the terms, you may not actually have a contract.

          • Second, if you can't explain in common English what you are doing with my data, that almost always means that you're doing something nefario

      • by Bogtha ( 906264 ) on Wednesday October 31, 2012 @09:00AM (#41829767)

        This is a legal document, probably differing for every case, and the point in requiring it is to make developers take a hard look at what information they access and how they use it. Rubber-stamping a boilerplate lets developers say they have a privacy policy, but it doesn't actually encourage any increase in privacy until somebody's sued over it.

        This happens anyway. I have to fight this battle every time I build an app that collects personal information. Every single time in four years of developing apps, I have been provided with the privacy policy for their website, that specifically describes things that are only applicable to their website, that doesn't account for their mobile app at all. I've got a current project hanging at the moment where we've chased them for a real privacy policy about half a dozen times. The rest of the app is finished, we're still waiting for the privacy policy, weeks later. If it wasn't for us insisting, the app would be live with a meaningless privacy policy they don't follow, and I'm certain other app developers aren't as insistent as us.

      • by pmontra ( 738736 )

        Like most legal documents, you usually don't actually need a lawyer to write it.

        And even if you need them Iubenda [iubenda.com] is an example of a self service privacy policy generator. They have a legal team that writes the standardized pieces you put together for your site. I've been using it for a couple of web services. Iubenda is specific for the web but I bet the same could be done for mobile applications.

    • by fustakrakich ( 1673220 ) on Wednesday October 31, 2012 @09:12AM (#41829897) Journal

      ...why didn't the AG attach a sample privacy policy and open source it so that developers can use it?

      Because the real intention here is to put small independent developers with their 'disruptive' technology who can't afford a gaggle of lawyers out of business. The whole idea of a 'privacy policy' can be nothing more than a jobs program for the legal profession. It is impossible to enforce such nonsense.

      • by bmo ( 77928 ) on Wednesday October 31, 2012 @09:32AM (#41830127)

        Because the real intention here is to put small independent developers with their 'disruptive' technology who can't afford a gaggle of lawyers out of business.

        Bullshit. It's not a conspiracy. This is an issue everyone in the 80s running single-line BBSes had to deal with. The ECPA became law 24 years ago. The California AG's message should not surprise you.

        Copy someone else's privacy policy. It's what lawyers do anyway. You think they actually work at this stuff? It's all boilerplate.

        You can say "we do not collect any user data" and make sure your program doesn't phone home or disclaim all privacy whatsoever. and hope nobody actually reads your privacy policy. Copy Facebook's privacy policy if you want to be evil. They bury the "we own everything you post" in language that you and I can understand but not 90 percent of users.

        And at the end of it, say "we reserve the right to change this policy in the future." to further cover your ass.

        It's not hard if you're honest and up front. It's only hard if you want to deceive users. That's where the tricky language comes in.

        --
        BMO

    • by geekoid ( 135745 )

      Becasue not all apps will have the same privacy policy. The compliance letter is standard fair.

    • Instead of attaching a sample compliance letter, why didn't the AG attach a sample privacy policy and open source it so that developers can use it? Pasting in a generic document is much more likely to happen than all those app developers running out and hiring lawyers, so she will either get lower compliance or shoddier privacy policies.

      Because the privacy policy has to describe what personally identifying information (PII) the online service actually collects and what the online service operator actuall

    • Instead of attaching a sample compliance letter, why didn't the AG attach a sample privacy policy and open source

      What is this fascination with "open sourcing things?" Are you afraid someone will take the "sample privacy policy" and copyright it? Or are you afraid people will distribute copies without distributing the source?
      The government can't copyright things, so there is no need to "open source" the sample privacy policy.

    • Instead of attaching a sample compliance letter, why didn't the AG attach a sample privacy policy and open source it so that developers can use it?

      As someone who recently hired a lawyer to go over a Privacy Policy and Terms of Service, I can assure you that what the average person THINKS should be in a Privacy Policy and Terms of Service are vastly different than what is needed to be legal, and most important, enforceable.

      A good Privacy Policy should include not just what you store, but how you collect it, and how it is stored. Are you using cookies? Can I opt-out of using cookies? Can anyone else see those cookies? If I delete the app, does that dele

  • by Manfre ( 631065 ) on Wednesday October 31, 2012 @08:06AM (#41829195) Homepage Journal

    With only 30 days to get a policy written and added to the app, I guess that means that most iPhone apps will not be able to comply.

  • by Opportunist ( 166417 ) on Wednesday October 31, 2012 @08:06AM (#41829197)

    Don't like it? Stop using the app you paid for!

    No refunds. Sucks to be you.

  • by Bogtha ( 906264 ) on Wednesday October 31, 2012 @08:13AM (#41829267)

    The article contradicts itself. Early in the article, it states that the policy has to be within the app, then later on, it says it has to be in the App Store. There's a huge difference between the two in what it means for app publishers.

    • by Joehonkie ( 665142 ) on Wednesday October 31, 2012 @08:19AM (#41829327) Homepage
      Is it a difference a politician can even appreciate? I doubt it.
      • by Bogtha ( 906264 ) on Wednesday October 31, 2012 @08:27AM (#41829407)

        She's supposedly been consulting with app developers, although not ones representative of the larger industry.

        Tthis is what could happen if it had to be within the app:

        • Receive letter requiring a policy in your app within 30 days.
        • Shit, we outsourced this (common because mobile developers are few and far between).
        • Pay for changing the design to include a button to show the policy.
        • Pay for a developer to make the necessary changes.
        • Shit, the developer we used has a full schedule, we have to find somebody else (again, common).
        • Find a new developer.
        • Get them up to speed on the project and get them to make the changes.
        • Submit the update to Apple.
        • Wait an unknown amount of time for it to be reviewed.
        • Apple don't like something in your app. Maybe their policies changed, maybe a previous reviewer didn't catch something, maybe you've just got a bad reviewer.
        • Go back to the designer and developer and pay for them to do more work, if feasible.
        • Resubmit to Apple.
        • Wait an unknown amount of time for it to be reviewed.

        And you've got to fit that into 30 days. And that assumes the changes Apple requires you to make aren't fundamental to your business model or operation of the app. And that assumes only one round of alterations is required. And that assumes it's feasible for you to pay for expensive mobile developers.

        Meanwhile, here's what it would be like if the policy only needs to appear in the App Store:

        • Receive letter requiring a policy in your app within 30 days.
        • Stick a policy online. It can be anywhere, even if you don't have a website, you can just sign up on Wordpress.com or something and post it there.
        • Log into iTunes Connect and put the link into the privacy policy field.
        • by Eraesr ( 1629799 ) on Wednesday October 31, 2012 @08:44AM (#41829581) Homepage
          Actually, that isn't the biggest problem. Yeah sure, an in-app privacy policy is a problem for a developer, but I'm sure that if you've submitted your app to the appstore within the 30 day limit and it's denied by Apple because of a different reason, a judge will probably take that into account when deciding on that issue.

          No, a much bigger issue in the difference between in-app or an in-store privacy policy is for the consumer. If the privacy policy is in the store, you can read it and assess it before downloading and installing the app. If you don't like the privacy policy, then don't download and install the app. If it's an in-app document or link, then you have to download, install, run, possibly even create an account an login all before you get to see the privacy policy. By that time, the app has probably already completely sucked all personal information out of your phone and submitted it to the app owner.

          Same with a EULA that's presented to you when you install a piece of software on your PC. That EULA is presented to you after you've bought the software. So if you don't agree with the EULA, then I'm pretty sure the seller is forced to completely refund the software to you. It's basically the same thing as buying a bread from the baker and after paying, the baker says that you are only allowed to eat the bread at home, and only if don't put any meat on it.
  • by Anonymous Coward

    In UKRANE Capitalist Country!!!!! DOES Not apply.

    Hahah.

    $$$$$

  • Is this guy serious? (Score:5, Interesting)

    by SuperMooCow ( 2739821 ) on Wednesday October 31, 2012 @08:24AM (#41829367)

    Does this guy expect app developers from other states to comply with the laws of California? What about developers from other countries?

    • by Mormz ( 1690440 )
      Well he need to earn a pay check somehow. I mean seriously, this is a patent-troll lawyer wannabe. He doesn't give a shit about privacy, he just want's to have a new car and a boat.
      • Well he need to earn a pay check somehow. I mean seriously, this is a patent-troll lawyer wannabe. He doesn't give a shit about privacy, he just want's to have a new car and a boat.

        Kamala Harris, the Attorney-General of California, is not a "he" (strike one), is not any kind of "lawyer wannabe" (strike two), and doesn't get any more money for doing this than she would get as Attorney-General not doing it (strike three).

    • Does this guy expect app developers from other states to comply with the laws of California? What about developers from other countries?

      People can be forgiven for not realizing Kamala Harris [wikipedia.org] is African American and Asian American, but she's definitely not a guy.

    • by geekoid ( 135745 )

      If you want to sell your product in California, then yes.

    • Does this guy

      Kamala Harris is not a guy.

      expect app developers from other states to comply with the laws of California?

      All of the specific businesses I've seen mentioned as recipients of these notices are businesses that do businesses in California in a fairly substantial way besides having their relevant online service available in California (e.g., major US airlines.)

    • Laws don't work that way. If you distribute something in a certain area, you must abide by their laws (at least concerning usage).
  • OK, it's official, "app" is known to the State of California to be defined as a "mobile application".

  • Permission: Fine GPS position (to verify that you're not in california, so as to not show it)

    • by zlives ( 2009072 )

      UID and user info to confirm records of sale from vendor that the product was billed in califaornia, then sell info... profit?

  • by nickberry ( 1226494 ) on Wednesday October 31, 2012 @08:44AM (#41829575)
    This just sounds like a really good reason to put in a data field for state when signing up for an app, and exclude Californians from use of the app, and explain to them because over burdening regulations our App is not available in your state, please contact the California Attorney Generals office for more information regarding these regulations. While there a lot of people in California, sometimes it's best to just avoid states or places where your work is not appreciated.
    • by geekoid ( 135745 )

      Yes, becasue no one want to tap a market that huge.

      "because over burdening regulations"
      Yes, telling them they have to post there privacy policy where the consumer can reasonably get to is so overburdening~

      "avoid states or places where your work is not appreciated."
      there is no rule people need to appreciate your work, so get over it.

      • And there is no rule where I have to participate in a state with over burdening regulations. And California is that place.
  • by vikingpower ( 768921 ) on Wednesday October 31, 2012 @08:44AM (#41829583) Homepage Journal
    ...and doing nothing more than his or her job: to ensure that the state enforces that which by law it must enforce. Period.
    • This is correct. It is a law which I do not see any way for them to constitutionally enforce on developers who operate out of another state (let alone another country). Although I suspect that the state legislature could have written something into the law forcing the App Store to remove any app which is in violation of the law (assuming the company that runs the App Store is based in CA).
      • by AuMatar ( 183847 )

        Unless they're selling to someone who lives in California. In which case the sale is governed by California law. Now if the developers said CA residents can't buy it (and are not themselves CA residents) then they can ignore this.

      • It is a law which I do not see any way for them to constitutionally enforce on developers who operate out of another state (let alone another country).

        The firms whose apps have been mentioned as recipients of non-compliance notices (e.g., United Airlines, Delta Airlines, and OpenTable) all have significant operations in California besides the mere presence of their mobile app (and OpenTable is headquartered in San Francisco.) So...what's your point?

        • My point is that this is a law which will encourage businesses to locate as much of their operations outside of California as possible. It will encourage companies to create divisions outside of California that can be considered separate entities from the parts that do business in California and use those divisions to write apps.
    • by Sloppy ( 14984 )

      I'm not so sure about that. Maybe I'm reading the wrong thing [ca.gov] (someone please correct me if you have a better reference) but I don't see anything in here which suggests a client application which interoperates with an online service is an online service, or that a client application which downloads other clients, is somehow governed by this law to display those other applications' policies in addition to its own.

      You might say this is splitting hairs and ignoring the spirit of the law, but the text I'm readi

      • I'm not so sure about that. Maybe I'm reading the wrong thing (someone please correct me if you have a better reference) but I don't see anything in here which suggests a client application which interoperates with an online service is an online service

        The app is just the mechanism by which a consumer "visits" the online service, which is the point at which the cited law requires the operator of the online service to make the privacy policy available.

        or that a client application which downloads other clie

  • by pla ( 258480 ) on Wednesday October 31, 2012 @08:59AM (#41829743) Journal
    Dear California Attorney General Kamala D. Harris:

    Go pound sand.

    Sincerely,
    Someone who doesn't live in California.
    • by geekoid ( 135745 )

      You don't live there, why would they give a shit about you? why would you give a shit about them?
      Yes, let stop consumer protection, what could go wrong?

      • by pla ( 258480 )
        You don't live there, why would they give a shit about you? why would you give a shit about them?

        Because:
        1) TFA says nothing about the AG threatening only companies located in CA, and
        2) California has a long history of strong-arming their regulatory environment onto the rest of the US simply by virtue of the size of their economy.

        We don't need another Andrew Cuomo wannabe destroying a major part of the online world in a pathetic attempt to make a name for themselves while forcing their morals on the
    • by mcgrew ( 92797 ) *

      You don't have to live in California to be bound by their laws. If you visit there or do business there, you are bound by their laws.

      You will be the one losing out, not California. Someone else has written the equivalent to your app, and they'll get the sales you would have.

      And... if you have to be sneaky to get their info, I don't think much of your morality. IMO that's really assholish behavior and I wish you people would stop it.

      • by pla ( 258480 )
        if you have to be sneaky to get their info, I don't think much of your morality. IMO that's really assholish behavior and I wish you people would stop it.

        FWIW, I agree with you. But as I said in my other response, this doesn't stop anyone from collecting anything. It just requires posting a privacy policy. And if you've read any privacy policies lately, you'll know that they virtually all say "we do what we want, deal with it or piss off".

        I support real consumer protection laws. I don't support fee
  • who's going to do all the policing? Kamala D. Harris?

"He don't know me vewy well, DO he?" -- Bugs Bunny

Working...