Main Nav

FTC Issues New Report on Mobile Privacy Disclosures

The Federal Trade Commission (FTC) released a report on February 1, 2013 that says it wants — but is not mandating — makers of mobile operating systems, app developers, and advertisers to be provide "timely, easy-to-understand disclosures about what data they collect and how the data is used."  In the report, "Mobile Privacy Disclosures: Building Trust Through Transparency," the FTC said that most consumers are concerned, and often confused, about how mobile privacy operates.  "More than other types of technology, mobile devices are typically personal to an individual, almost always on, and with the user," the FTC said in the report. "This can facilitate unprecedented amounts of data collection."

The report also cites a nationwide survey that found 57 percent of all mobile app users have "either uninstalled an app over concerns about having to share their personal information, or declined to install an app in the first place for similar reasons. Similarly, in a 2011 survey of U.S. smartphone users, less than one-third of survey respondents reported feeling in control of their personal information on their mobile devices."

The report makes recommendations for critical players in the mobile marketplace: mobile platforms (operating system providers, such as Amazon, Apple, BlackBerry, Google, and Microsoft), app developers, advertising networks and analytics companies, and app developer trade associations.  Most of the recommendations involve making sure that consumers get timely, easy-to-understand disclosures about what data they collect and how the data is used.

The report recommends that mobile platforms should:

  • Provide just-in-time disclosures to consumers and obtain their affirmative express consent before allowing apps to access sensitive content like geolocation;
  • Consider providing just-in-time disclosures and obtaining affirmative express consent for other content that consumers would find sensitive in many contexts, such as contacts, photos, calendar entries, or the recording of audio or video content;
  • Consider developing a one-stop “dashboard” approach to allow consumers to review the types of content accessed by the apps they have downloaded;
  • Consider developing icons to depict the transmission of user data;
  • Promote app developer best practices.  For example, platforms can require developers to make privacy disclosures, reasonably enforce these requirements, and educate app developers;
  • Consider providing consumers with clear disclosures about the extent to which platforms review apps prior to making them available for download in the app stores and conduct compliance checks after the apps have been placed in the app stores; and
  • Consider offering a Do Not Track (DNT) mechanism for smartphone users.  A mobile DNT mechanism, which a majority of the Commission has endorsed, would allow consumers to choose to prevent tracking by ad networks or other third parties as they navigate among apps on their phones.

App developers should:

  • Have a privacy policy and make sure it is easily accessible through the app stores;
  • Provide just-in-time disclosures and obtain affirmative express consent before collecting and sharing sensitive information (to the extent the platforms have not already provided such disclosures and obtained such consent);
  • Improve coordination and communication with ad networks and other third parties that provide services for apps, such as analytics companies, so the app developers can better understand the software they are using and, in turn, provide accurate disclosures to consumers.  For example, app developers often integrate third-party code to facilitate advertising or analytics within an app with little understanding of what information the third party is collecting and how it is being used.
  • Consider participating in self-regulatory programs, trade associations, and industry organizations, which can provide guidance on how to make uniform, short-form privacy disclosures.

Advertising networks and other third parties should:

  • Communicate with app developers so that the developers can provide truthful disclosures to consumers; 
  • Work with platforms to ensure effective implementation of DNT for mobile.

App developer trade associations, along with academics, usability experts and privacy researchers can:

  • Develop short form disclosures for app developers; 
  • Promote standardized app developer privacy policies that will enable consumers to compare data practices across apps;
  • Educate app developers on privacy issues.

EDUCAUSE will continue to monitor and report on this issue.

Tags from the EDUCAUSE Library

Close
Close


Annual Conference
September 29–October 2
Register Now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.