The Federal Trade Commission (FTC) has issued a series of recommendations today detailing how the owners of mobile operating systems – including Apple, Google, Microsoft and RIM – can ensure that consumers know how their personal data is being collected and used.
In a report published today, the FTC said that mobile platforms should provide timely disclosures to consumers, and also obtain their “express consent”, before allowing apps to access sensitive content such as geolocation data. The Commission also suggested that this be extended to content that users may find sensitive “in many contexts”, such as contacts, photos and calendar entries.
A one-stop “dashboard” was also suggested in the report to help consumers review the type of content and data being accessed by the apps they have downloaded.
“The mobile world is expanding and innovating at breathtaking speed, allowing consumers to do things that would have been hard to imagine only a few years ago,” said FTC Chairman Jon Leibowitz. “These best practices will help to safeguard consumer privacy and build trust in the mobile marketplace, ensuring that the market can continue to thrive.”
Other recommendations aimed squarely at mobile operating systems included using icons that would notify the user when their data was being transferred, as well as a Do Not Track (DNT) mechanism that would give users the choice to be opted out of tracking via advertising networks or other third parties.
The FTC doesn’t suggest that it has all of the answers to how such recommendations should be implemented. In the report’s findings, it reads:
“Many questions remain, including the following: What
information should be included in app developer privacy policies? What might a model short privacy notice look like? Can a single system of icons be developed to avoid consumer confusion? The National Telecommunications and Information Administration’s (NTIA) multi-stakeholder process is focusing on how mobile transparency can be improved, and is well positioned to address some of these questions.”
It’s timely in that regard, as the FTC has also announced today that Path has agreed to pay an $800,000 settlement fee over allegations that it deceived users in its iOS app – specifically, by collecting personal information from their address books without their knowledge and consent.
The report has been published to coincide with the work that the NTIA is carrying out within the U.S. Department of Commerce, along with other stakeholders to develop a code of conduct related to mobile app transparency. The FTC said: “To the extent that strong privacy codes are developed, the FTC will view adherence to such codes favorably in connection with its law enforcement work.”
Image Credit: MLADEN ANTONOV/AFP/Getty Images