More than other types of technology, mobile devices are typically personal to an individual, almost always on, and with the user. This can facilitate unprecedented amounts of data collection. In addition, since a single mobile device can facilitate data collection and sharing among many entities, consumers may wonder where they should turn if they have questions about their privacy.
The U.S. Federal Trade Commission has issued a report recommending ways that key players in the rapidly expanding mobile marketplace can better inform consumers about their data practices.
The report makes recommendations for critical players in the mobile marketplace: mobile platforms (operating system providers, such as Amazon, Apple, BlackBerry, Google, and Microsoft), application (app) developers, advertising networks and analytics companies, and app developer trade associations.
Among the actions recommended by the FTC for mobile platforms is that they ask and obtain the consumers' express consent before allowing apps to access sensitive content like geolocation or other content that consumers would find sensitive (contacts, photos, calendar entries, or the recording of audio or video content).
They would also like them to promote app developer best practices and consider offering a Do Not Track (DNT) mechanism for smartphone users.
Advertising networks and other third parties are, in turn, urged to communicate with app developers so that the developers can provide truthful disclosures to consumers, and work with platforms to ensure effective implementation of DNT for mobile.
Finally, app developer trade associations, along with academics, usability experts and privacy researchers should work on developing short form disclosures for app developers, promote standardized app developer privacy policies that will enable consumers to compare data practices across apps, and educate app developers on privacy issues.
The recommendation in the reports are just that - recommendations. The various players in the mobile marketplace are urged to consider them carefully, but are not bound by law to follow them.
Still, taking them into consideration would help them stay in the FTC's good graces and avoid considerable fines such as the $800,000 one recently imposed on the operator of the Path social networking app, which has been found to have illegally collected personal information from children without their parents’ consent.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.