Home The Lawsuits Are Already Filed: Create Your Mobile Privacy Policy Now!

The Lawsuits Are Already Filed: Create Your Mobile Privacy Policy Now!

This month, the state of California sued Delta airlines in a very big way for failure to comply with the California Online Privacy Protection Act (CalOPPA). The suit alleges that the Fly Delta mobile app lacked a conspicuous, accurate privacy policy, and seeks up to $2,500 for each download. Delta quickly threw up a policy (though researchers have already found flaws in it), but the suit stands, and the potential damages are very real.

The really dumb thing is that this lawsuit never should have happened. Delta was given 30 days notice by the state of California, and it still couldn’t make the deadline. There’s no excuse for that. It’s a privacy policy, made of words, not code. Delta – and any company in that position – should have had a policy up within a week.

So consider this your company’s official notice. If you don’t have a privacy policy for your mobile apps, write one today. Here are some tips to get started: 

Step 1: Review Your App

Get your app developers and your spec together and perform a 6-step review:

1. Document any collection of personally identifiable information (PII). PII can include but is not limited to:

  • Name
  • Terrestrial or Email Address
  • Phone Number
  • IP Address
  • Current Location

2. Note whether any of the PII your apps collect (for example, a social security number) is more sensitive than others, and any special steps you take when collecting it.
3. Take special note of your target age range. If your apps knowingly collecting information from users under 13, consult your attorney before continuing.
4. List all the parties (such as ad networks and technology partners) who have access to PII and how it will be used.
5. List all user profile control options: can users request, view, edit or delete their information?
6. Outline data retention and disposal policies for all user data, paying particular attention to canceled accounts.

Step 2: Write Your Policy

With that in hand, it’s time to write your policy. If you have an attorney on staff with the requisite experience, start there. If not, there are lots of free templates and tools like the Privacy Choice policy maker to get you started. Customize as you see fit. (There are also plenty of paid services that specialize in privacy policies.)

If you have a privacy policy for your website, you’ve already done most of the work. Your job now consists of identifying the ways in which your app is different from your website, then displaying your policy in a succinct manner that mobile customers will actually read. The Center For Democracy and Technology (CDT) has an excellent, free resource called Best Practices for Mobile Application Developers that will help smooth out the edges.

Step 3: Review Your Policy 

In all the prettying up, you may have misinterpreted some facts. Run the finished policy past your developers. Then compare your policy to those mandated by any of the app stores that will be distributing your app. The CDT document has some good summaries, but you’ll want to check the most recent terms from the stores themselves.

Step 4: Get Certified (Optional)

If you really want peace of mind, take the next step and get your app certified by TrustE. It’s not strictly necessary (Google doesn’t even require a privacy policy – but California does, so write one!), but it provides users with an additional layer of confidence, and verifies that you’ve done your job right.

Having a mobile app privacy policy doesn’t guarantee you won’t get into trouble. But not having one is just asking for litigation.

Lead image courtesy of Shutterstock.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.