Mobile apps should limit data collection, state AG says
California report also says Mobile apps should not collect data not related to their basic functionality
IDG News Service - Mobile application developers should minimize privacy surprises for their customers by limiting their data collection and retention and giving users access to the data collected, California Attorney General Kamala Harris has recommended.
Mobile apps should avoid or minimize their collection of personally identifiable data for uses not related to their basic functionality, and they should avoid or limit the collection of sensitive information, Harris and the California Department of Justice recommended in a report released Thursday. Mobile apps should also use encryption to send and store personally identifiable information, and app developers should appoint privacy officers to review their privacy policies whenever the apps are updated, Harris recommended.
App developers should also make their privacy policies easy to find and allow customers to see the policies before they download apps, the report recommended.
"Californians want to know what personal information their apps collect, how it is used and with whom it is shared," Harris said in a statement. "To meet this need and keep pace with rapidly changing technology, these recommendations strike a responsible balance between protecting consumers' personal information and fostering the continued growth of the innovative app economy."
It's important for the agency to address mobile privacy because more than half of U.S. mobile phone users access the Internet from their phones and mobile developers release more than 1,600 new apps every day, Harris said in a press release.
Mobile app privacy has been a controversial issue in recent months. Several privacy groups and some lawmakers in Washington, D.C., have called for new privacy laws after news and government reports that mobile apps collect large amounts of personal data without notifying consumers.
Harris' office reached out to the mobile industry before releasing the report. The agency wants the report to serve as a template for the mobile industry to develop privacy policies and practices that will improve consumer privacy without stifling innovation.A
Some tech industry representatives said the recommendations are a good idea, as long as they are voluntary.
The report "by offering recommendations that can serve as a useful reference for developers rather than mandates that constrain innovation, is a step in the right direction," said Daniel Castro, senior analyst with the Information Technology and Innovation Foundation (ITIF), a tech-focused think tank.
Castro praised Harris for issuing recommendations instead of suing app developers for privacy violations. But the report makes some bad assumptions about mobile apps, he added in a blog post. The report's authors said advertising is not a part of an app's basic functionality, he said.
"For all of the talk in this report about a 'mobile ecosystem,' the report authors apparently do not seem to clearly understand that this ecosystem depends on revenue," Castro wrote. "Many mobile apps are ad-supported software."
- Assessing ROI for Mobile Acceleration Clients This EMA® paper examines the business case for deploying mobile WAN optimization client software and builds a ROI model based on the experiences...
- The Apple-ization of the Enterprise: Understanding IT's New World Read this paper for how to tackle Apple-ization (and the related consumerization of IT and Bring Your Own Device/BYOD).
- A Practical Introduction to Enterprise Mobility Management Read the white paper to better understand the basic concepts within mobility management and to learn how you can apply EMM technology to...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Mobile Security: Containerizing Enterprise Data In this on-demand webinar, Fixmo's Lee Cocking, VP of corporate strategy, explains why Apple-ization trends like mobility and "bring-your-own-device" (BYOD) are driving the... All Mobile/Wireless White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!