New Guidelines Released for Mobile App Privacy Policies

On October 17, the Mobile Marketing Association (“MMA”) released a set of draft privacy policy guidelines for mobile applications (“apps”) designed to address key data and privacy security issues. Entitled “Mobile Application Privacy Policy Framework,” the draft guidelines provide a “starting point” privacy policy template written in consumer-friendly language with instructions for adapting the template to specific apps.

The guidelines provide a helpful tool for informing app users of the type of information that the app obtains and how that information is used, with sections devoted to both user-provided data and automatically collected information. The guidelines also address the collection and use of “precise” real-time location information, an issue that has garnered much media attention (and increasing regulatory scrutiny) due to the popularity of new location-based services. Finally, the guidelines address other critical app areas, including:

  • Third-party access and use of consumer data;
  • Advertising (including the use of mobile advertising networks);
  • Consumer consent and opt-out rights;
  • Data retention;
  • Children’s Online Privacy Protection Act (“COPPA”) compliance;
  • Security and confidentiality safeguards; and
  • Future changes to the policy.

The guidelines are a response to data privacy and security concerns brought about by the skyrocketing consumer demand for and usage of apps, which have exploded in the last few years. For example, although the iTunes Store and Android Market only opened in 2008, more than 1.2 million apps are currently available from multiple app stores on various operating systems, and consumers have downloaded more than 10 billion mobile apps to date.

Hogan Lovells represented the Future of Privacy Forum, a member organization of the MMA Privacy & Advisory Committee, which developed the guidelines. According to MMA, the draft guidelines are the first in a series of privacy policy materials that the organization is planning to develop.

Comments on the draft guidelines are due November 18, 2011. After that date, the guidelines will be finalized and released publicly.

FTC Releases Details About December 7, January 28 Privacy Roundtables

On November 17, the Federal Trade Commission released the agenda of the first of three privacy round tables it will hold over the course of the next few months.  The first round table will occur on December 7 at the FTC Conference Center in Washington, DC, and will feature four panels entitled "Benefits and Risks of Collecting, Using, and Retaining Consumer Data," "Consumer Expectations and Disclosures," "Online Behavioral Advertising," and "Exploring Existing Regulatory Frameworks."

The FTC also announced that its second privacy round table will be held on January 28, 2010 at the University of California, Berkeley, School of Law.  The round table will focus on how technology affects consumer privacy, including its role in both raising privacy concerns and enhancing privacy protections, and will include specific discussions on cloud computing, mobile computing, and social networking.  The FTC has posed two questions for comment in advance of this round table:

  1. What role do privacy enhancing technologies play in addressing Internet-related privacy concerns?  Consider the efficacy of technological innovations in areas such as identity management systems, new means of providing consumer notice and choice, and emerging methods of ensuring accountability in data usage.  In framing comments, consider the costs and benefits of privacy-enhancing technologies in the following contexts:  cloud computing services; social networking sites; online behavioral advertising; the mobile environment; services that collect sensitive data, such as location-based information; and any other contexts you wish to address.  If privacy enhancing technologies do play a role in resolving privacy concerns, discuss whether and how to create incentives for the development and adoption of such technologies, and ways to ensure they are effective and useful to consumers.
  2. What challenges do innovations in the digital environment pose for consumer privacy, and how can those challenges be addressed without stifling innovation or otherwise undermining benefits to consumers?  For example, consider the technology and business practices that enable greater collection, use, and distribution of consumer data, including evolving methods of observation and tracking; techniques for correlating data, including the re-identification of anonymized data; the merging of data between on-line and off-line environments; and the emergence of third-party application developers in online platform environments.

The FTC currently is soliciting requests to participate as panelists in this second round table, as well as recommendations for topics for inclusion in the agenda, which are due by December 9.  Comments or additional research on the topics will be considered prior to the second round table if they are received by December 21.

Details have not yet been released for the third and final privacy round table, which is to be held on March 17, 2010 in Washington.