The FTC issued a report today recommending new methods for both mobile platforms and app developers to use to make consumers aware of the personal data that apps are collecting and how that data is being used.
This report contains guidelines for operating system providers like Apple, Amazon, Google, Microsoft, and BlackBerry, along with guidelines for individual app developers and advertising networks. The majority of the rules focus on making sure apps deliver data collection disclosures that are easy to understand.
The FTC suggests that mobile platforms need to focus on conveying privacy information to consumers, providing prompt warnings about apps that access sensitive content like geolocation, contacts, photos, calendar entries, and recorded audio or video content.
A “dashboard” is also suggested as a place where consumers could potentially view the types of content that are accessed by each app, along with identifying app icons and a Do Not Track mechanism to allow consumers to prevent tracking by ad networks or other third parties.
Here’s what FTC Chairman Jon Leibowitz had to say about the new guidelines:
“The mobile world is expanding and innovating at breathtaking speed, allowing consumers to do things that would have been hard to imagine only a few years ago. These best practices will help to safeguard consumer privacy and build trust in the mobile marketplace, ensuring that the market can continue to thrive.”
In the past, the FTC has cracked down on apps that violate laws such as the Children’s Online Privacy Protection Act (COPPA), which was updated in December to include mobile apps and social networks.
The FTC keeps a close eye on apps for kids, and just a few weeks ago, decided that the majority of apps for children are not adhering closely enough to FTC rules. In 2011, developer Broken Thumbs was fined $50,000 for collecting personal information from kids.
iPhone app Path was also found guilty of violating FTC guidelines by collecting address book data without user permission. Path settled with the FTC, agreeing to create a privacy framework and to pay a fine of $800,000.
[via The Verge]