California AG Announces CCPA Compliance Sweep of Mobile Apps ahead of Data Privacy Day
California Attorney General Rob Bonta announced today an investigative sweep of mobile apps, focused on popular apps in the retail, travel, and food service industries that fail to comply with the California Consumer Privacy Act (CCPA). According to a press release, the sweep is focused on apps that allegedly fail to comply with consumer opt-out requests or do not offer any mechanism for consumers who want to stop the sale of their data. The press release also highlights enforcement in relation to the handling of agent requests, namely through an agent service created by Consumer Reports called “Permission Slip.”
As a reminder, though the provisions added/amended by the California Privacy Rights Act (CPRA) are subject to an enforcement delay until July 1, the original CCPA’s provisions remain in effect and enforceable by the Office of the Attorney General (OAG) through that date, and there is no longer a mandatory 30-day cure period that the OAG must apply. Also, do not forget that HR and B2B data are now in full scope of the original CCPA’s provisions (and again, there is neither an enforcement delay nor a mandatory cure period as to such data).