Every software app developer needs to know about the latest app privacy issues, so I thought I would provide a brief summary of some of the best published privacy guidelines for app developers. You may have missed it, but the Federal Trade Commission (FTC), the Attorney General for the State of California, and the Future of Privacy Forum and Center for Democracy & Technology (FPF and CDT) have each created a great privacy guideline document for app developers. This is something app developers should have on their radar because, in case you have forgotten, messing this up can be very costly and painful. (Remember the Path.com app privacy fiasco.)
Ok, so here goes.
The FTC and the California suggestions are similar so I combined them below:
App Developers
- Review the collection and use of personally identifiable data
- Create a clear Privacy Policy
- Use Enhanced Measures (e.g. in-app notices)
- Use Just-In-Time Disclosures
App Platforms
- Make app privacy policies accessible from the app platform
- Use the platform to educate users on mobile privacy
- Use Just-In-Time Disclosures
- Use privacy icons
Mobile Ad Networks
- Avoid out-of-app ads
- Create a Privacy Policy
- Move away from device identifiers to temporary identifiers (see the Carrier IQ situation)
Mobile Carriers
- Educate mobile customers on privacy issues
The FPF and CDT created a checklist:
1) Practice ‘Privacy By Design’ (this is a Canadian invention, but it has been adopted by the FTC)
2) Communicate Openly & Effectively
3) Make your Privacy Policy Easily Accessible
4) Use Enhanced Notices
5) Provide Users with Choices & Controls
6) Secure Your Users’ Data!
7) Ensure Accountability
So to summarize, every app developer needs to get up to speed on the latest thinking on app privacy. As my blog post is only a very brief outline of the issues, please read the actual guideline documents (listed under Resources below), as they explain the issues very well. Also, all of these guideline documents are new (from 2011-2013), so I would read them now (or give them to your app developer to read).
Resources:
FPF and CDT – Best Practices for Mobile Application Developers
FTC – Mobile Privacy Disclosures – Building Trust Through Transparency
Disclaimer: This post is for informational and educational purposes only, and is not legal advice. You should hire an attorney if you need legal advice, which should be provided only after review of all relevant facts and applicable law.