Privacy policies now standard in app development
In 2011, California Attorney General Kamala Harris brokered an agreement with Apple, Google, Microsoft, Amazon, Hewlett-Packard, Research In Motion and Facebook to begin improving mobile privacy protections by requiring privacy policies for apps.
Kugele said companies need to make sure they are complying with the policy they set forth, as well.
Companies should be transparent about what information is being collected, both actively and passively, and how that information will be used.
Kugele said more apps are being designed to allow users choices or to opt out of providing information. Companies need to think about what information they really need to collect and make sure the app design fits within the needs of the company’s data collection.
“For example, some apps will use your location,” he explained. “Maybe a retailer has an app that will let you locate a store near to you, and to assist with that it will use the geo-location information that your phone has. It will know exactly where you are and can give you information on the nearest store to where you are.”
If an app is designed for kids, there are a few additional details to consider, including the Children’s Online Privacy Protection Act, which says that if an app will collect information about children, there must be parental consent.
“The FTC has looked at mobile apps that are out there geared towards children, and they are finding that there is not adequate disclosure and there is definitely not any kind of parental consent, or very rarely is there any kind of parental consent happening, so they are very concerned about that,” Kugele said.
Individuals can also take a more active approach to protecting their privacy.
First, know that apps have the ability to collect everything: location, contacts, photos, texts, emails, social network relationships and even calendar items.
“For a lot of companies, the app will be part of their marketing campaign,” Kugele said. “It’s another way to interact with the customer and give them information about your products and make it easier for the customer to find or use your products or services. So it depends on the purpose. If the purpose of the app is to be an extension of your company, you are probably going to be a little more respectful about people’s privacy and are more likely to give them options because you don’t want to offend the consumer.
“On the other hand, if the purpose of the app is to collect as much information about a consumer as possible — maybe it’s disguised as a game or something like that — you’re less likely to have these kinds of controls.”
“People themselves have to be a little bit careful about what types of apps they are putting on their phone,” Kugele said. “If you’re downloading games on your business iPhone, be aware that some of these are just data collection devices, especially the free apps. Their business model is to collect information and resell it — that’s how they are making money.”
For parents, Kugele said the best thing they can do is to periodically look at the apps their children are downloading and the privacy policies so that they know what information the companies are collecting.