Skip the navigation

Mobile apps should limit data collection, state AG says

California report also says Mobile apps should not collect data not related to their basic functionality

By Grant Gross
January 10, 2013 03:56 PM ET

IDG News Service - Mobile application developers should minimize privacy surprises for their customers by limiting their data collection and retention and giving users access to the data collected, California Attorney General Kamala Harris has recommended.

Mobile apps should avoid or minimize their collection of personally identifiable data for uses not related to their basic functionality, and they should avoid or limit the collection of sensitive information, Harris and the California Department of Justice recommended in a report released Thursday. Mobile apps should also use encryption to send and store personally identifiable information, and app developers should appoint privacy officers to review their privacy policies whenever the apps are updated, Harris recommended.

App developers should also make their privacy policies easy to find and allow customers to see the policies before they download apps, the report recommended.

"Californians want to know what personal information their apps collect, how it is used and with whom it is shared," Harris said in a statement. "To meet this need and keep pace with rapidly changing technology, these recommendations strike a responsible balance between protecting consumers' personal information and fostering the continued growth of the innovative app economy."

It's important for the agency to address mobile privacy because more than half of U.S. mobile phone users access the Internet from their phones and mobile developers release more than 1,600 new apps every day, Harris said in a press release.

Mobile app privacy has been a controversial issue in recent months. Several privacy groups and some lawmakers in Washington, D.C., have called for new privacy laws after news and government reports that mobile apps collect large amounts of personal data without notifying consumers.

Harris' office reached out to the mobile industry before releasing the report. The agency wants the report to serve as a template for the mobile industry to develop privacy policies and practices that will improve consumer privacy without stifling innovation.A

Some tech industry representatives said the recommendations are a good idea, as long as they are voluntary.

The report "by offering recommendations that can serve as a useful reference for developers rather than mandates that constrain innovation, is a step in the right direction," said Daniel Castro, senior analyst with the Information Technology and Innovation Foundation (ITIF), a tech-focused think tank.

Castro praised Harris for issuing recommendations instead of suing app developers for privacy violations. But the report makes some bad assumptions about mobile apps, he added in a blog post. The report's authors said advertising is not a part of an app's basic functionality, he said.

"For all of the talk in this report about a 'mobile ecosystem,' the report authors apparently do not seem to clearly understand that this ecosystem depends on revenue," Castro wrote. "Many mobile apps are ad-supported software."

Reprinted with permission from IDG.net. Story copyright 2014 International Data Group. All rights reserved.
Our Commenting Policies
Consumerization of IT: Be in the know
consumer tech

Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!