APPS Act Bill to Address Mobile Privacy Protection

default
70
INTERACTIONS
Credit: Wikimedia Commons
Credit: Wikimedia Commons

In a push to address mobile privacy protection, Georgia Representative Hank Johnson released the first discussion draft of the Application Privacy, Protection, and Security Act of 2013 or APPS Act; a bill that would regulate how consumer personal data is collected by mobile applications.

This bill is the first of its kind at the federal level that specifically targets mobile application privacy and security. Up until now, the Children’s Online Privacy Protection Act (COPPA) was the only law that dealt with online privacy insofar as to protect the collection and sharing of information of minors under the age of 13.

Rep. Johnson spoke on the floor of the House last year about the need for increased protection for mobile user personal data. Since then, the House Democrat has launched an online initiative, AppRights, to get feedback from the public about how mobile app developers can ensure protection of personal information that is collected by apps.

“Many of you also told us that simple mechanisms are important to protecting your privacy on mobile devices.  After listening to these concerns, we have written provisions to address these concerns without threatening the functionality or integrity of the mobile apps that you love,” Rep. Johnson said in a statement.

The text of the legislation addresses three key areas that would shape how apps collect, store, and disseminate personal data, as well as give the user control of that data collection.

First, the bill requires a mobile app to provide a comprehensive privacy policy that would outline which personal data is collected, the list of purposes for which the data is being collected, and categories of the third-parties which would share the data.

The policy would also include a user rights clause and describe the way users could exercise those rights. The Act ensures that mobile apps display the privacy policy and obtain user consent before the app can be downloaded.

The APPS Act also requires developers to safeguard personal data from unauthorized access and offers users an “opt-out” option that would permit a person to delete both the app and all personal data that was collected. The Federal Trade Commission would be authorized to enforce the proposed law.

Within the last year, mobile app developers have begun to address the needs of consumer advocates who want better protection of their personal data. A few weeks ago, John Potter, president of the Application Developers Alliance, said that mobile developers do care about consumer privacy and “have been working hard to improve communications between apps and consumers.”

His statement came after the FTC released a report about safety for kid apps which found that developers hadn’t done much to provide privacy policies to parents on what data would be collected about their children and how it was being shared.

The DC-based think tank, Future of Privacy Forum, partnered with the Center for Democracy and Technology, a non-profit that focuses on free internet, to design a set of best practice guidelines for mobile app developers to include comprehensive privacy policies for their apps. Some of these proposals parallel the goals of Rep. Johnson’s bill.

The guidelines warned app developers against copying and pasting privacy guidelines from other apps, as well as thoroughly reviewing their privacy policies to ensure that it best reflects the intent of the app.

Some states are already looking at ways to enforce mobile app privacy and security for consumers. Last week, California Attorney General Kamala D. Harris released recommendations for protecting personal data on mobile devices, including reiterating enforcement of the California Online Privacy Protection Act of 2003, which includes fines of up to $2500 for violations.

Rep. Johnson hosts a weekly tweet chat, using the hashtag #PrivAct, to receive input about the bill from consumers.

The Independent Voter Network is dedicated to providing political analysis, unfiltered news, and rational commentary in an effort to elevate the level of our public discourse.


Learn More About IVN

Leave a Comment
4 comments
Xander Pakzad
Xander Pakzad

I can see how a lot of app developers will argue that letting users permanently delete their personal data violates the rights of the developers. Or maybe they could argue that they need to keep all user data for security purposes.

Xander Pakzad
Xander Pakzad

I can see how a lot of app developers will argue that letting users permanently delete their personal data violates the rights of the developers. Or they could argue that they need to keep all user data for security purposes.

Alex Gauthier
Alex Gauthier

i hope that technology centered issues like mobile privacy protection are given some extra consideration for legislators who may not be the most technologically inclined. We've seen some scary legislation come out of committees with little expertise on the subject.

Kelly Petty
Kelly Petty

I totally agree Alex. I think that's why Rep. Johnson has really gotten the general public and mobile technology experts involved in giving him feedback to craft the bill.