For California "Privacy On The Go"

Recommendations For The Mobile Ecosystem
January 2013

Executive Summary

The pocket computers we carry with us – our cell phones, tablets and such – not only allow us to entertain ourselves, but with nearly a million applications available today, they also offer a variety of other capabilities. Mobile applications (apps) allow us not just to read books, play games, listen to music, and take photos and videos, but also to monitor our heart rate, start the car remotely on a dark night, find a nearby restaurant, and pay for purchases on-the-spot. With their expanding functionality, mobile devices are subject to the privacy risks of the online world and to some that are unique to the mobile sphere. Their small screen size makes communicating privacy practices and choices to consumers especially challenging. Consumers care about mobile privacy: a recent survey found that over half of Americans had uninstalled or decided not to install an app because of concerns about its privacy practices. As part of a larger initiative aimed at improving privacy protections in the mobile sphere, the California Attorney General began by forging an agreement with the major app platform companies: Amazon, Apple, Google, Hewlett-Packard, Microsoft, Research In Motion, and later Facebook. These app platform companies agreed to principles designed to improve privacy protections in the mobile environment and to bring the industry in line with California law requiring mobile apps that collect personal information to have a privacy policy. The principles include making an app’s privacy policy available to consumers on the app platform, before they download the app. The mobile app industry is growing fast, but it is still in the early stages of development, with practitioners who are not all alert to privacy implications and how to address them. To help educate the industry and promote privacy best practices, the Attorney General’s Privacy Enforcement and Protection Unit has prepared Privacy on the Go: Recommendations for the Mobile Ecosystem. The recommendations, which in many places offer greater protection than afforded by existing law, are intended to encourage app developers and other players in the mobile sphere to consider privacy at the outset of the design process. Recognizing that the legally required general privacy policy is not always the most effective way to get consumers’ attention, Privacy on the Go recommends a “surprise minimization” approach. This approach means supplementing the general privacy policy with enhanced measures to alert users and give them control over data practices that are not related to an app’s basic functionality or that involve sensitive information.

Source and Full Report:

0 yorum: