In a push to address mobile privacy protection, Georgia Representative Hank Johnson released the first discussion draft of the Application Privacy, Protection, and Security Act of 2013 or APPS Act; a bill that would regulate how consumer personal data is collected by mobile applications. Tweet
This bill is the first of its kind at the federal level that specifically targets mobile application privacy and security. Up until now, the Children’s Online Privacy Protection Act (COPPA) was the only law that dealt with online privacy insofar as to protect the collection and sharing of information of minors under the age of 13. Tweet
Rep. Johnson spoke on the floor of the House last year about the need for increased protection for mobile user personal data. Since then, the House Democrat has launched an online initiative, AppRights, to get feedback from the public about how mobile app developers can ensure protection of personal information that is collected by apps.
“Many of you also told us that simple mechanisms are important to protecting your privacy on mobile devices. After listening to these concerns, we have written provisions to address these concerns without threatening the functionality or integrity of the mobile apps that you love,” Rep. Johnson said in a statement.
The text of the legislation addresses three key areas that would shape how apps collect, store, and disseminate personal data, as well as give the user control of that data collection.
The APPS Act also requires developers to safeguard personal data from unauthorized access and offers users an “opt-out” option that would permit a person to delete both the app and all personal data that was collected. The Federal Trade Commission would be authorized to enforce the proposed law.
Within the last year, mobile app developers have begun to address the needs of consumer advocates who want better protection of their personal data. A few weeks ago, John Potter, president of the Application Developers Alliance, said that mobile developers do care about consumer privacy and “have been working hard to improve communications between apps and consumers.”
His statement came after the FTC released a report about safety for kid apps which found that developers hadn’t done much to provide privacy policies to parents on what data would be collected about their children and how it was being shared.
The DC-based think tank, Future of Privacy Forum, partnered with the Center for Democracy and Technology, a non-profit that focuses on free internet, to design a set of best practice guidelines for mobile app developers to include comprehensive privacy policies for their apps. Some of these proposals parallel the goals of Rep. Johnson’s bill. Tweet
The guidelines warned app developers against copying and pasting privacy guidelines from other apps, as well as thoroughly reviewing their privacy policies to ensure that it best reflects the intent of the app.
Some states are already looking at ways to enforce mobile app privacy and security for consumers. Last week, California Attorney General Kamala D. Harris released recommendations for protecting personal data on mobile devices, including reiterating enforcement of the California Online Privacy Protection Act of 2003, which includes fines of up to $2500 for violations.