When it comes to relatively new technologies, few have been developing at the relentless pace of mobile. But with that development has come a serious threat to the security of personal information and privacy.
The Federal Trade Commission today issued a report on mobility issues and said: More than other types of technology, mobile devices are typically personal to an individual, almost always on, and with the user. This can facilitate unprecedented amounts of data collection. For example, 57% of all app users have either uninstalled an app over concerns about having to share their personal information, or declined to install an app in the first place for similar reasons, the FTC stated. Less than one-third of Americans feel they are in control of their personal information on their mobile devices.
Some mobile vendors and trade groups are doing a good job of protecting consumer privacy, but other companies need to improve, said now outgoing FTC Chairman Jon Leibowitz. "We've found that a number of small developers are rushing to get their cool, new technology out to the public, but not practicing privacy by design. Many don't know about their obligation to consumers."
Indeed and the FTDC goes onto make a number of recommendations directed at the major players including Amazon, Apple, BlackBerry, Google, and Microsoft, as well as application developers, advertising networks and analytics companies.
Those recommends include:
- Provide just-in-time disclosures to consumers and obtain their affirmative express consent before allowing apps to access sensitive content like geolocation;
- Consider providing just-in-time disclosures and obtaining affirmative express consent for other content that consumers would find sensitive in many contexts, such as contacts, photos, calendar entries, or the recording of audio or video content;
- Consider developing a one-stop "dashboard" approach to allow consumers to review the types of content accessed by the apps they have downloaded;
- Consider developing icons to depict the transmission of user data;
- Promote app developer best practices. For example, platforms can require developers to make privacy disclosures, reasonably enforce these requirements, and educate app developers;
- Consider providing consumers with clear disclosures about the extent to which platforms review apps prior to making them available for download in the app stores and conduct compliance checks after the apps have been placed in the app stores; and
- Consider offering a Do Not Track (DNT) mechanism for smartphone users. A mobile DNT mechanism, which a majority of the Commission has endorsed, would allow consumers to choose to prevent tracking by ad networks or other third parties as they navigate among apps on their phones.
- Provide just-in-time disclosures and obtain affirmative express consent before collecting and sharing sensitive information (to the extent the platforms have not already provided such disclosures and obtained such consent);
- Improve coordination and communication with ad networks and other third parties that provide services for apps, such as analytics companies, so the app developers can better understand the software they are using and, in turn, provide accurate disclosures to consumers. For example, app developers often integrate third-party code to facilitate advertising or analytics within an app with little understanding of what information the third party is collecting and how it is being used.
- Consider participating in self-regulatory programs, trade associations, and industry organizations, which can provide guidance on how to make uniform, short-form privacy disclosures.
Check out these other hot stories:
NASA: Feb. 15 asteroid fly-by will buzz Earth closer than many satellites