Will These New Guidelines Improve Apple’s Data Collection Transparency?
The short form notice will inform the consumer what types of information the app is collecting, including biometrics; browser history; phone or text logs; contacts; financial information; health or medical information; location; and user files (such as photos). The short form notice will also disclose what third-party entities have access to this information, including ad networks, carriers, consumer data resellers, data analytics providers, government entities, operating systems, social networks, and other apps.
The inclusion of biometric information is noteworthy considering that many companies, including Apple, are rumored to be developing mobile devices that will include biometric capabilities. Apple has been rumored to be developing a fingerprint sensor for the next iteration of iPhone ever since it bought AuthenTec, a mobile and network security company, last summer. Presumably this Code of Conduct would forbid any apps from collecting your fingerprint without your permission.
According to the Code of Conduct draft, the guidelines were written with input from “privacy, civil liberties and consumer advocates, app developers, app publishers, and other entities across the mobile ecosystem.” The guidelines state that “app developers are encouraged to provide consumers with access to the short notice prior to download or purchase of the app.”
The guidelines also provide an exception for data collecting disclosures. The short form does not have to disclose information it collects if it takes measures to “de-identify” the data, make sure it doesn’t try to “re-identify” the data, and prohibits “downstream recipients” from doing the same.
Assistant Secretary of Commerce for Communications and Information and National Telecommunications and Information Administration Administrator Lawrence E. Strickling stated via the NTIA website that, “NTIA is pleased that today a diverse group of stakeholders reached a seminal milestone in the efforts to enhance consumer privacy on mobile devices. We encourage all the companies that participated in the discussion to move forward to test the code with their consumers.”
Follow Nathanael on Twitter (@ArnoldEtan_WSCS)