February 1st was a big day for the Federal Trade Commission (FTC). Not only did the FTC release its report regarding mobile privacy disclosures, it also announced that it had reached a settlement with Path, a social networking app, which agreed to pay $800,000 to settle charges that it deceived users by collecting personal information from their mobile address books without their knowledge and consent, and that it collected personal information from children without their parents’ consent in violation of the Children’s Online Privacy Protection Act (COPPA).
The FTC’s report entitled “Mobile Privacy Disclosures: Building Trust Through Transparency” provides specific recommendations on improving mobile privacy disclosures for mobile platforms, app developers, advertising networks, and other third parties. Most notably, the report recommends that mobile platforms provide “just-in-time” disclosures to consumers and obtain their affirmative consent before allowing apps to access sensitive content, such as geolocation data. The report also recommends that mobile platforms consider providing “just-in-time” disclosures and obtain affirmative consent for other sensitive content, such as contacts, photos, calendar entries and audio/video content. The report further recommends that mobile platforms consider developing a one-stop “dashboard” approach to allow consumers to review the types of content accessed by the apps they have downloaded as well as icons to depict the transmission of user data. The report recommends that mobile platforms consider offering a Do Not Track (DNT) mechanism for smartphone users and makes several other recommendations aimed at providing better disclosures to consumers regarding mobile privacy.
The report also makes a number of recommendations to app developers, including that they have a privacy policy that is easily accessible through the app stores, provide “just-in-time” disclosures and obtain affirmative consent before collecting and sharing sensitive information, improve coordination and communication with ad networks and other third parties and participate in self-regulatory programs and industry organizations. In addition, the report recommends that advertising networks and other third parties communicate with app developers so that those developers can provide truthful disclosures and work with platforms to ensure effective implementation of DNT. Finally, the report suggests that app developer trade associations, academics and experts develop short-form disclosures for app developers, promote standardized app developer privacy policies and educate app developers on privacy issues.Continue Reading FTC Announces Mobile Privacy Disclosure Guidelines