The gov, app developers, and privacy advocates agree on “at-a-glance” privacy notice for mobile apps
Imagine if every time you downloaded a new app, you were shown two brief, concise screens of information. One told you what types of data the app would collect on you, like your address, age, gender, or email. The second told you who the app shares your information with — advertisers, data brokers, or app publishers. It’s like something out of a privacy advocate’s fantasy, isn’t it?
Well, the dream may soon be coming to a mobile app near you. The federal government, privacy advocates, and consumer organizations have done the unthinkable in Washington D.C., and agreed to what they’re calling an “at-a-glance” privacy notice.
The notice isn’t law. It’s a voluntary set of standards for app developers. Adding heft, consumer players like AT&T, Verizon, and Intuit are considering rolling out the at-a-glance notice for their products. Privacy advocates like the ACLU and EFF support the standard, and industry associations like the Application Developers Alliance will be offering code for any app developer to easily add an at-a-glance notice. (Disclosure: The ADA is presently sponsoring a content series on PandoDaily.)
The standardized privacy notice wasn’t formalized overnight. These organizations with competing interests met approximately 17 or 18 times over the course of the last year. Tim Sparapani, the Application Developers Alliance’s VP of Law, Policy, and Government Relations, says that doesn’t count the drafting group’s hundreds of meetings among the drafting group, business and app developers, publishers and ad networks.
“There were a variety of stake holders saying, ‘This is what we need to do,’ ‘No you deleted that important piece of information, you have to do it this way,’” Sparapani says. Four-hundred people showed up to the first consensus meeting, which was whittled down to around 130 by the final gathering. “People got frustrated,” Sparapani adds. “They thought progress wouldn’t be made.”
When the National Telecommunications and Information Administration (NTIA), a branch of the US Department of Congress, first announced its goal of getting mobile app industry leaders together to create a privacy notice consensus, there were a lot of naysayers. People said it couldn’t be done because stakeholders would never agree. Others argued that a privacy notice didn’t help anything — consumers need choices about what data is taken from them and how it’s used. The first argument has been proven wrong, but the second still stands.
The code of conduct is voluntary, however, so app developers are not required by law to adopt it. It seems to me it wouldn’t be in an app developers’ best interest to be so open about where they send their users’ information. But Sparapani disagrees.
“There was a myth out there that app developers were the Wild West about consumer privacy, but we knew that was false,” Sparapani says.
At developer conferences, the Application Developers Alliance will be encouraging developers “around the world” to implement this.
“This is the way for developers to avoid regulators imposing rules that don’t fit the app business or ecosystem,” Sparapani says.
Alas, two of the major players in the app world — Google and Apple — were noticeably absent from the proceedings.