and concluded that “equipment that made automatic calls from lists of recipients was also covered by the TCPA.” In reaching this conclusion, the Court also rejected Crunch Fitness’s argument that a device cannot be an ATDS unless it is fully automatic, i.e., can operate without any human intervention whatsoever. The Ninth Circuit deemed it “common sense” that “human intervention of some sort is required before an autodialer can begin making calls, whether turning on the machine or initiating functions.”
On this basis, the Ninth Circuit found that the Textmunication’s ability to dial numbers automatically determined the outcome of the appeal, even though humans (rather than machines) were required to add phone numbers to the Textmunication platform.
PUTTING IT INTO PRACTICE: We expect to see class action plaintiffs’ attorneys argue that Marks expands the scope of liability under the TCPA to include calls or text messages sent on all types of modern telephone equipment, including everyday smartphones. The holding of Marks will likely make district courts even less inclined to grant motions to dismiss TCPA claims for failing to allege use of an ATDS, since the definition of that term includes devices that can automatically dial stored numbers.
If you’re interested in learning more about this case and what it could mean for future TCPA litigation, please see the following article from Sheppard Mullin’s Class Action Defense Strategy Blog: Rikki, Don’t Autodial That Number! – Ninth Circuit Doesn’t Want You To Call Nobody Else (in violation of the TCPA)
Apple Imposes Privacy Policy Requirement for All Apps Operating on its Platform
Posted on September 27, 2018
As Apple recently reminded developers, starting on October 3, 2018 it will require all apps being submitted for distribution through its app store, or for testing by its TestFlight service, to have a publicly posted privacy policy. This requirement was incorporated into Apple’s App Store Review Guidelines and will apply to all new apps, as well as all updated versions of existing apps. Previously only those apps that collected user information had to have a privacy policy.
Apple’s previous requirements were consistent with a 2012 Joint Statement of Principles agreement that Apple and other app store platforms made with the California Attorney General. In that statement, the platforms agreed to require apps that collect information to conspicuously post a privacy policy telling consumers how their personal data was being collected, used, and shared. To encourage transparency of apps’ privacy practices, the platforms also agreed to allow app developers to link to their privacy policy directly from the store. Finally, the platforms agreed to create ways for consumers to notify them if an app was not living up to its policies, and to respond to such complaints.
The new Guidelines build on the principles established in 2012 and expand the privacy policy requirement to all apps, even utility apps that do not collect user information and apps still in the testing phase. Per the Guidelines, the policy will need to be included in the App Store Connect metadata field and as a link in the app itself. Without the policy, the app will not be reviewed and will not be made available on Apple’s platform.
Under the new Guidelines, an app’s privacy policy must still have a description of what data the app collects, how that data is collected, and how it is used. The policy must also notify users how long the app developer will keep the information it collects and how it will be deleted. The Guidelines also require the policy to inform users how they can revoke their consent (if applicable) for data collection and how to make a request to have their data be deleted. Finally, the policy will have to confirm that the app will follow Apple’s guidelines about sharing information with third parties, and that any third party that the information is sent to will be held to Apple’s data security guidelines. If the app’s privacy policy sets higher standards for data protection than Apple’s guidelines, the third party will have to also meet that benchmark.
                   13 Eye on Privacy 2018 Year in Review