Mobile Apps.. Guidelines on Privacy

California Department of Justice has released a set of guidelines for Mobile Apps developers which act as “privacy Practice Recommendations”. The practices recommended here are expected to help in the compliance of the California Online privacy protection Act (COPPA) Being perhaps the first of such codes, this is a useful document to be adopted by all mobile apps developers as well as other stakeholders such as app platform providers, mobile networks etc.

These principles include making an app’s privacy policy available to consumers on app platform, before they download the app. It is stated that major app platform providers such as Amazon, Apple, Google, HP, Microsoft, RIM< and Facebook have agreed to the principles.

Highlights of the recommendations are:

For App Developers

•Start with a data checklist to review the personally identifiable data your app could collect and use it to make decisions on your privacy practices.
•Avoid or limit collecting personally identifiable data not needed for your app’s basic functionality.
•Develop a privacy policy that is clear, accurate, and conspicuously accessible to users and potential users.
•Use enhanced measures – “special notices” or the combination of a short privacy statement and privacy controls – to draw users’ attention to data practices that may be unexpected and to enable them to make meaningful choices.

For App Platform Providers

•Make app privacy policies accessible from the app platform so that they may be reviewed before a user downloads an app.
• Use the platform to educate users on mobile privacy.

For Mobile Ad Networks

•Avoid using out-of-app ads that are delivered by modifying browser settings or placing icons on the mobile desktop.
•Have a privacy policy and provide it to the app developers who will enable the delivery of targeted ads through your network.
•Move away from the use of interchangeable device-specific identifiers and transition to app-speciic or temporary device identifiers.

For Operating System Developers

•Develop global privacy settings that allow users to control the data and device features accessible to apps.

For Mobile Carriers
• Leverage your ongoing relationship with mobile customers to educate them on mobile privacy and particularly on children’s privacy

This is a good starting point for a new regime on privacy protection on the mobile platform. Hopefully it would be adopted at the earliest by responsible apps developers and distributors.

Naavi

Copy of Guidelines

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law, Privacy, TELCO. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.