“Your personal privacy should not be the cost of using mobile apps, but all too often it is,” said Attorney General Harris in a statement.
Mobile apps have gone without much regulation for some time, but Harris wants to bring them in line with the “California Online Privacy Protection Act,” which requires commercial websites, including mobile sites, to post privacy policies. The policy should be viewable before downloading an app, as opposed to after, when an app has already been opened.
This means app marketplaces will need to have a separate area for each application to show that particular company’s privacy statement and any other information it would like to disclose. This was already recommended by the Federal Trade Commission in a study on parents, privacy, and downloading apps for children.
Users will also soon be supplied avenues to report companies who are not following the agreement. Those found in violation could be prosecuted under California’s Unfair Competition Law or its False Advertising Law.
In the last few weeks, social photo-app Path spurred a conversation around mobile privacy when a developer found it transferring people’s address books to its servers. Soon after, a number of other companies were discovered doing the same thing, including Facebook, Twitter, Instagram, Foursquare and others. Apple released a statement saying these companies were in violation of its guidelines. Explicit prior permission is required in order to transfer such information, though it doesn’t specify the need to encrypt it.
The guideline reads, “Apps cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and where the data will be used.”
With this new agreement, companies like Apple must go beyond just setting guidelines. Now, they must require the more than 50,000 app developers currently active in their platforms to create privacy policies, in addition to any newcomers. Currently, the companies are working to deploy the agreement’s guidelines across their mobile app ecosystems.
Attorney General Harris will meet again with these mobile leaders in six months to consider more ways of making mobile privacy more transparent.
VentureBeat is holding its second annual Mobile Summit this April 2-3 in Sausalito, Calif. The invitation-only event will debate the five key business and technology challenges facing the mobile industry today, and participants — 180 mobile executives, investors, and policymakers — will develop concrete, actionable solutions that will shape the future of the mobile industry. You can find out more at our Mobile Summit site.