Will These New Guidelines Improve Apple’s Data Collection Transparency?

retina display TV eyeIn an effort to enhance transparency about the types of information that apps collect from users’ mobile devices, a coalition organized by the United States Department of Commerce has written an app Code of Conduct that outlines a voluntary short form privacy notice for app developers and publishers reports Apple Insider. The purpose of the short form notice is to efficiently convey the app information policy in a form that is easy for consumers to understand. Although Apple (NASDAQ:AAPL) already provides a privacy policy statement, this new Code of Conduct may lead the Cupertino-based company to create a more condensed form.

The short form notice will inform the consumer what types of information the app is collecting, including biometrics; browser history; phone or text logs; contacts; financial information; health or medical information; location; and user files (such as photos). The short form notice will also disclose what third-party entities have access to this information, including ad networks, carriers, consumer data resellers, data analytics providers, government entities, operating systems, social networks, and other apps.

The inclusion of biometric information is noteworthy considering that many companies, including Apple, are rumored to be developing mobile devices that will include biometric capabilities. Apple has been rumored to be developing a fingerprint sensor for the next iteration of iPhone ever since it bought AuthenTec, a mobile and network security company, last summer. Presumably this Code of Conduct would forbid any apps from collecting your fingerprint without your permission.

According to the Code of Conduct draft, the guidelines were written with input from “privacy, civil liberties and consumer advocates, app developers, app publishers, and other entities across the mobile ecosystem.” The guidelines state that “app developers are encouraged to provide consumers with access to the short notice prior to download or purchase of the app.”

The guidelines also provide an exception for data collecting disclosures. The short form does not have to disclose information it collects if it takes measures to “de-identify” the data, make sure it doesn’t try to “re-identify” the data, and prohibits “downstream recipients” from doing the same.

Assistant Secretary of Commerce for Communications and Information and National Telecommunications and Information Administration Administrator Lawrence E. Strickling stated via the NTIA website that, “NTIA is pleased that today a diverse group of stakeholders reached a seminal milestone in the efforts to enhance consumer privacy on mobile devices.  We encourage all the companies that participated in the discussion to move forward to test the code with their consumers.”

Follow Nathanael on Twitter (@ArnoldEtan_WSCS)