Apple Agrees to Support New Privacy Protection in App Store

Image Credit: William Hook, Flickr.com

There has been a lot of dissension over iOS privacy lately, starting with Path two weeks ago. Many users are disgruntled by the way Apple seems to be handling their privacy because of the incident. Fortunately, Kamala D. Harris, the state of California’s Attorney General, has announced today that multiple corporations with a share in the mobile apps market (including Apple) have agreed to promote new privacy protection and force their developers to comply by it if they wish continue distributing their apps using the App Store…

Here’s a small explanation of what this new agreement includes:

This agreement will allow consumers the opportunity to review an app’s privacy policy before they download the app rather than after, and will offer consumers a consistent location for an app’s privacy policy on the application-download screen. If developers do not comply with their stated privacy policies, they can be prosecuted under California’s Unfair Competition Law and/or False Advertising Law.

In the current state of things, users must download an app in order see the privacy policy since it’s usually in the app’s about screen. However, some apps do not even have a privacy policy, which means that users may be contributing some of their personal information to the app’s servers without the knowledge that they’ve done so.

As The Next Web points out, an example of an app that does not clearly state its privacy or permissions is Rdio. The app’s description merely describes the app itself and nothing else. (Please take note that this app is actually online-based and you must agree to the privacy policy on their website in order to create an account.) Google’s Android Marketplace, however, is quite different. Google urges that developers state what their apps may be accessing, though not all actually do just that.

Developers will soon be required by law to state the privacy policy of their mobile app in the App Store. If they do not do so, they are subject to being taken to court under “California’s Unfair Competition Law and/or False Advertising Law,” as stated in the quote above. This will protect not only your privacy, but also the privacy of your contacts and anything else on your mobile phone.

The full press release can be found directly below.

SAN FRANCISCO – Attorney General Kamala D. Harris today announced an agreement committing the leading operators of mobile application platforms to improve privacy protections for millions of consumers around the globe who access the Internet through applications (“apps”) on their smartphones, tablets and other mobile devices.

Attorney General Harris forged the agreement with six companies whose platforms comprise the majority of the mobile apps market: Amazon, Apple, Google, Hewlett-Packard, Microsoft and Research In Motion. These platforms have agreed to privacy principles designed to bring the industry in line with a California law requiring mobile apps that collect personal information to have a privacy policy. The majority of mobile apps sold today do not contain a privacy policy.

“Your personal privacy should not be the cost of using mobile apps, but all too often it is,” said Attorney General Harris.

“This agreement strengthens the privacy protections of California consumers and of millions of people around the globe who use mobile apps,” Attorney General Harris continued. “By ensuring that mobile apps have privacy policies, we create more transparency and give mobile users more informed control over who accesses their personal information and how it is used.”

Privacy policies are an important safeguard for consumers. Privacy policies promote transparency in how companies collect, use and share personal information. The agreement with the platforms is designed to ensure that mobile apps comply with the California Online Privacy Protection Act. The Act requires operators of commercial web sites and online services, including mobile apps, who collect personally identifiable information about Californians to conspicuously post a privacy policy.

This agreement will allow consumers the opportunity to review an app’s privacy policy before they download the app rather than after, and will offer consumers a consistent location for an app’s privacy policy on the application-download screen. If developers do not comply with their stated privacy policies, they can be prosecuted under California’s Unfair Competition Law and/or False Advertising Law.

The agreement further commits the platforms to educate developers about their obligations to respect consumer privacy and to disclose to consumers what private information they collect, how they use the information, and with whom they share it. The platforms will also work to improve compliance with privacy laws by giving users tools to report non-compliant apps and committing companies to implement processes to respond to these reports.

In six months, Attorney General Harris will convene the mobile application platforms to assess privacy in the mobile space

There are more than 50,000 individual developers who have created the mobile apps currently available for download on the leading platforms. There are nearly 600,000 applications for sale in the Apple App Store alone, and another 400,000 for sale in Google’s Android Market. These apps have been downloaded more than 35 billion times.

These figures are expected to grow. An estimated 98 billion mobile applications will be downloaded by 2015, and the $6.8 billion market for mobile applications is expected to grow to $25 billion within four years.

The rapid growth and expansion in the mobile market exposes consumers to a wide variety of privacy invasions. Smartphones are often on and tethered to their user, transmitting rich data to the app developers. Users of mobile devices are vulnerable to privacy intrusion and abuse by numerous entities, app developers, analytic services and advertising networks. These entities could have access to sensitive information, including a user’s location, contacts, identity, messages and photos. Without a privacy policy, what companies do with the personal data they collect is largely invisible to consumers.

It is estimated that a majority of the mobile apps currently available for download through the platforms do not include even the most basic privacy protection: a privacy policy setting forth how personal data is collected, used and shared. One recent study found that only 5 percent of all mobile apps have a privacy policy.

A recent report by the Federal Trade Commission (FTC), Mobile Apps are Disappointing, evaluated the lack of privacy information available to parents before downloading mobile apps for their children. The FTC report recommended that mobile apps platforms do more to help parents and kids by providing a consistent means for app developers to display information about their privacy practices. The FTC specifically recommended that the platforms provide a designated space for developers to disclose their information in the app stores and markets and that the platforms improve enforcement of requirements for app developers to disclose the private data they collect.

Attorney General Harris, in August, 2011, convened Amazon, Apple, Google, Hewlett-Packard, Microsoft and Research In Motion as the most direct way to improve compliance with California law requiring that mobile apps have privacy policies. The platforms have committed to these principles today and are now working to implement them.

“California has a unique commitment to protecting the privacy of our residents. Our constitution directly guarantees a right to privacy, and we will defend it,” added Attorney General Harris. “Forging this common statement of mobile privacy principles shows the power of collaboration — among government, industry and consumers — to create solutions to problems no one group can tackle alone.”

Last year, Attorney General Harris also established an eCrime Unit to prosecute identity theft, data intrusions, and crimes involving the use of technology.

[California Department of Justice via The Next Web]

Post a response / What do you think?