With lawmaker and consumer concern over mobile application privacy and security continuing to mount, the Electronic Frontier Foundation digital rights advocacy organization unveiled its Mobile User Privacy Bill of Rights, urging developers to build applications that follow the document's policies and practices.
The EFF proposes that developers should give users the right to exercise control over what personal data applications collect about them and how they use it, with a particular emphasis on concerns unique to mobile devices, e.g. address books and photos uploaded without express subscriber consent as well as location data. The EFF also stresses greater transparency around what data apps are accessing, how long the data is kept and with whom it will be shared. The EFF adds developers should respect context, collecting data that is used or shared only in a manner consistent with how the information was provided--moreover, they should responsible for securing all data collected and stored, and accept accountability for the behavior of all software they create.
The EFF goes on to recommend specific practices that developers should embrace to guard user privacy, including data anonymization and obfuscation, secure data transit and storage, internal security, penetration testing and instituting Do Not Track settings at the operating system level. "These recommendations represent a baseline, and all the players--from the application developers to the platform providers to the ad networks and more--should work to meet and exceed them," EFF activist Parker Higgins writes on the EFF's Deeplinks Blog. "As the mobile app ecosystem has matured, users have come to expect sensible privacy policies and practices. It's time to deliver on those expectations."
- read this EFF Deeplinks blog entry
FTC to Apple, Google: Apps for kids must disclose data privacy practices
Amid privacy uproar, Apple promises to detail app permissions
Path admits mistake, allows users to opt out of contacts database
Path slammed for uploading users' mobile address books
Lawmaker Markey unveils Mobile Device Privacy Act