Even as Congress continues exploring privacy across popular applications and web services, it seems California has no intention of waiting for far-reaching legislation to be passed. Instead, officials in late October instituted a 30-day deadline requiring all developers collecting data from California residents to include a privacy policy. Failure to comply would bring the risk of a $2,500 fine for each individual download of a developer's app. With the month-long grace period now over, California's attorney generai and state lawyers are preparing to collect.

Renewed focus on an old law

In pursuing its privacy interests — and without any clear federal precedent to stand on — California is relying on a 2004 law that requires commercial online services retrieving information from Californians to make a privacy policy clearly visible to those users. Though it has gone largely unenforced in recent years, the potential net covered by the Online Privacy Protection Act is wide and obviously includes the exploding mobile application market. Thankfully state officials seem to be placing their initial focus on large-scale businesses, leaving independent developers ample time to implement a policy appropriate to their service or app. And while it may be inconvenient, California's initiative also serves the interest of unknowing developers who could be left vulnerable to litigation as more and more apps demand personal information from users.