If companies agree to comply with the U.S. telecom agency's draft
app privacy code of conduct, you may soon know who wants to collect
from your smartphone apps. Does that mean each time you are asked to state your ZIP code or age, you will get to know if the information is being sent to
third parties? Yes -- maybe
The voluntary privacy code, issued in Washington Thursday, was designed to assure better transparency in the types of information that mobile apps collect and use.
The National Telecommunications and Information Administration (NTIA), which advises the White House on telecom and information policy issues, Thursday released news of a draft voluntary code for app developers to raise the bar on transparency.
Go Forth and Test
This code of conduct for mobile applications was hammered out after NTIA meetings seeking guidelines from industry and consumer groups about telling consumers what information an app collects and how that information is used.
Assistant Secretary of Commerce for Communications and Information and NTIA Administrator Lawrence E. Strickling issued the statement on Thursday, referring to this "multistakeholder process" to develop the first privacy code of conduct aimed at improving disclosures on mobile devices.
"NTIA is pleased that today a diverse group of stakeholders reached a seminal milestone in the efforts to enhance consumer privacy on mobile devices. We encourage all the companies that participated in the discussion to move forward to test the code with their consumers," he said.
Corks are still on the bottle, though. The code of conduct is still in tentative mode. Companies are being encouraged to test the code out. In the absence of any official adoption, it would be difficult to say which companies will actually abide by the terms.
Developers and publishers that would choose to abide by the code would be accepting the practice of a "short form notice" code of conduct revealing the kinds of information being collected and by whom -- whether by, for example, ad networks, carriers, resellers, government entities, operating systems and platforms, and social networks.
The data types disclosed would include biometrics, browser history, phone and text logs, contacts, financial data, medical information, user files and location.
While the code is voluntary, the American Civil Liberties Union (ACLU) issued its own statement on Thursday to say they support the code, "as a modest but important step forward for consumer privacy."
The code effort gives consumers a tool to pick the most privacy-friendly applications, said Christopher Calabrese, legislative counsel at the ACLU's Washington Legislative Office.
"The fact that it took a year to come to agreement on just this single measure, however, makes it clear that we need comprehensive privacy legislation in order to gain meaningful privacy protections for consumers," he said.
Why Rules Rock
In a blog post, Calabrese said, "[The] only way to tackle privacy, rein in bad actors, and prevent a race to the bottom is through baseline privacy legislation that sets out rules of the road. After all, we should be able to enjoy cool new technologies without giving up our privacy." Despite limitations, however, he said his organization is pleased to support this code.
The Software & Information Industry Association (SIIA), the trade association representing software and digital content industries, meanwhile, issued a statement Thursday in support of the code.
"We don't agree completely with all of the elements of the code, and we will continue to work to ensure that companies have substantial flexibility in providing privacy notices. However, this Code of Conduct empowers consumers and provides an important roadmap for developers to create 'short form' privacy notices for consumer apps," said Ken Wasch, SIIA President.