California Attorney General Rob Bonta recently announced a new privacy investigative sweep. The AG is sending letters to businesses with mobile apps that have failed to follow the California Consumer Privacy Act (CCPA).

The current sweep focuses on businesses in the retail, travel, and food service industries that have failed to honor opt-out requests or provide consumers with mechanisms to opt out of the sale of their information. It also targets businesses that do not respond to authorized agent requests. The Attorney General is especially looking at opt-out requests sent by third party vendors like Permission Slip.

The Attorney General made similar investigative sweeps in 2021 and 2022. One prior sweep involved businesses operating customer loyalty programs. The Attorney General is now aiming at mobile apps that can collect a lot of data.

Putting it into Practice: Mobile compliance with the CCPA is important to the AG. Officials are wary of the wide array of sensitive information that mobile apps are able to collect. This sweep is a good reminder: retailers with mobile apps should ensure that their privacy compliance programs include their mobile apps.