FTC Report on Mobile Privacy Suggests Ways to Standardize Data Collection Notification

personal dataIf you dig around long enough, you’ll probably find a tiny bit of text somewhere on that new app that explains how the app is going to collect your data and what they’re going to do with the information. But honestly, how many people actually read these legal docs?

I decided to check out the privacy policy on my favorite mobile game, Bejeweled. I was surprised to find this paragraph under “Non-Personal Information.”

The non-personal information collected may include demographic information including gender, age, zip code, information about your computer, hardware, software, platform, game system, media, mobile device, including unique device IDs or other device identifiers, incident data, Internet Protocol (IP) address, network Media Access Control (MAC) address and connection. We also collect other non-personal information such as username, user ID or persona, feature usage, game play statistics, scores and achievements, user rankings, time spent playing our games, and click paths as well as other data that you may provide in surveys, via your account preferences and online profiles such as friends lists or purchases, for instance.

Wait? My age, gender and zip code aren’t personal pieces of information? I guess this means that they don’t attach my name to this info, they just use them as data points to determine demographics.

But wait again, if I add my friends to my friends list so we can compare scores, I’m opening them up to data collection as well?

In reality, EA games isn’t doing anything insidious with my data but it’s hard not to panic when the legalize goes on for several pages. This is why the FTC is strongly suggesting a set of standardized icons that will let people see what data is being collected at a glance along with a privacy dashboard on all mobile apps so users can see all of their option and opt out with one swipe.

The report also recommends that developers make notifications more timely. If an app is designed to collect geolocation data as I move around, the app should have an active icon that shows data collection is in progress.

The overall point to the Mobile Privacy Disclosures report is transparency. If users are aware of how their data is being collected and used, they’ll learn to trust mobile developers and in most cases they won’t bother to opt out.

The most important point is that transparency should begin before the app is downloaded. I can’t tell you how many times I’ve downloaded an app only to find out that it required a number of in-app purchases in order to use the app properly. I don’t care if you want to sell upgrades, but I want to know that before I download, not after. The FTC report suggests a standardized set of labels, like nutrition labels on food, that clearly show things such as data collection options, in-app purchases and whether or not there are ads on the app. This is especially important for apps aimed at kids.

The FTC Mobile Privacy Report doesn’t ask for anything unreasonable. They simply want people to understand the consequences of their mobile actions and in-actions. Right now, they’re calling for self-regulation, but you can bet, if mobile developers don’t get on board, the FTC will start using the big stick they carry to force compliance.

Building transparency into their apps may cost companies a little time and money now, but it beats the large fines the FTC will levy if they don’t take mobile privacy seriously.

Read the original post:
FTC Report on Mobile Privacy Suggests Ways to Standardize Data Collection Notification

Leave a Reply