February 1st was a big day for the Federal Trade Commission (FTC). Not only did the FTC release its report regarding mobile privacy disclosures, it also announced that it had reached a settlement with Path, a social networking app, which agreed to pay $800,000 to settle charges that it deceived users by collecting personal information from their mobile address books without their knowledge and consent, and that it collected personal information from children without their parents’ consent in violation of the Children’s Online Privacy Protection Act (COPPA).
The FTC’s report entitled “Mobile Privacy Disclosures: Building Trust Through Transparency” provides specific recommendations on improving mobile privacy disclosures for mobile platforms, app developers, advertising networks, and other third parties. Most notably, the report recommends that mobile platforms provide “just-in-time” disclosures to consumers and obtain their affirmative consent before allowing apps to access sensitive content, such as geolocation data. The report also recommends that mobile platforms consider providing “just-in-time” disclosures and obtain affirmative consent for other sensitive content, such as contacts, photos, calendar entries and audio/video content. The report further recommends that mobile platforms consider developing a one-stop “dashboard” approach to allow consumers to review the types of content accessed by the apps they have downloaded as well as icons to depict the transmission of user data. The report recommends that mobile platforms consider offering a Do Not Track (DNT) mechanism for smartphone users and makes several other recommendations aimed at providing better disclosures to consumers regarding mobile privacy.