U.S. Government proposes new privacy ‘rules’ for apps

Image: iosappsnews.com

Image: iosappsnews.com

App developers may soon be asked to tell us what data they collect and how it is used under a set of government proposals released today (via TNW). 

The US government’s National Telecommunications and Information Administration today issued its first draft of what will be a mobile apps code of conduct intended to better protect consumers and their privacy. If made final, policy states that publishers must provide consumers with “short-form” notices in multiple languages informing them of how their data is being used [...]

Just so that there’s no doubt about what “data” means, the government entity specifically says it includes biometrics, browser history, phone or text log, contacts, financial info, health, medical, or therapy info, location, and user files …

There is doubt, however, about how effective the proposals might prove …  Read more

German court rules Apple sharing customer data violates privacy laws

location-based-services

From Apple’s Privacy Policy

Bloomberg reports that the Berlin Regional Court in Germany has told Apple to change its policies for managing customer’s data on its website after ruling that Apple’s terms for data use go against German laws. According to a statement posted by a German consumer group Verbraucherzentrale Bundesverband (VSBV), the courts have ruled that Apple cannot request “global consent” for use of a customer’s data” without informing the user of where and how the data will be used. It will also no longer be able to use German users’ data to “promote location-based services and products” or deliver the data to third-parties for advertising purposes:  Read more

FTC recommends Apple, Google, BlackBerry, Microsoft, & app devs improve mobile privacy disclosures

Screen Shot 2013-02-01 at 10.51.38 AMThe Federal Trade Commission released a report today that recommends how owners of mobile platforms can better inform consumers about how their data is being handled. The FTC named a number of companies in its report, including: Amazon, Apple, BlackBerry, Google, and Microsoft, as well as “application (app) developers, advertising networks and analytics companies, and app developer trade associations.”

The recommendations follow the FTC updating its online child privacy law to require parental consent before collecting data from children under the age of 13. It also came as Path agreed to pay an $800,000 settlement to the FTC forviolations of the Children’s Online Privacy Protections Act. Path posted a response to the FTC settlement on its website.

In the report, titled “Mobile Privacy Disclosures, Building Trust Through Transparency,” the FTC issued a number of recommendations. The FTC recommended that all platform owners “Provide just-in-time disclosures to consumers and obtain their affirmative express consent before allowing apps to access sensitive content like geolocation.” It recommended app developers take the same measures in addition to having “a privacy policy and make sure it is easily accessible through the app stores.” The report also suggested that companies implement a ” a one-stop “dashboard” into their operating systems so consumers can easily view how their data is being handled by specific apps.

Other recommendations the FTC asked Apple and others to implement include new icons that “depict the transmission of user data” and a “Do Not Track” option for users to easily opt out of their data being sent to third parties.

“FTC staff strongly encourages companies in the mobile ecosystem to work expeditiously to implement the recommendations in this report.  Doing so likely will result in enhancing the consumer trust that is so vital to companies operating in the mobile environment.  Moving forward, as the mobile landscape evolves, the FTC will continue to closely monitor developments in this space and consider additional ways it can help businesses effectively provide privacy information to consumers,” the report states.

A full list of the recommendations made by the FTC for mobile platform owners, advertising agencies, and app developers is below: Read more

Google could soon face big fines over iOS Safari privacy controversy in FTC investigation

In February, the story broke that Google and other advertising companies were bypassing iOS Safari’s privacy settings and continuing to track users without their consent. Google quickly disabled its code responsible for the tracking after a story from The Wall Street Journal published, and Apple then claimed it was “working to put a stop” to the issue.

Now, a new report from Mercury News claimed the U.S. Federal Trade Commission is considering whether to fine Google over the incident. The decision is expected in the next 30 days:

The Federal Trade Commission is deep into an investigation of Google’s actions in bypassing the default privacy settings of Apple’s (AAPL) Safari browser for Google users, according to sources familiar with ongoing negotiations between the company and the government… Within the next 30 days, the FTC could order the Mountain View search giant to pay an even larger fine in the Safari case than the penalty the Federal Communications Commission hit Google with Friday, say the sources, who spoke on condition of anonymity.

The report is referring to Google being recently fined $25,000 by the FCC after it allegedly “deliberately impeded and delayed” an investigation related to Street View cars. The heart of the Safari bypassing investigation is whether the company is violating a previous privacy agreement made with the FTC following controversy over the failed “Buzz” service. The report claimed Google could face up to $16,000 per violation per day for violating the agreement. Google said to Mercury News today it would “cooperate with any officials who have questions” and explained making its +1 compatible on mobile Safari created the issue:

Read more

Google and other ad companies have been tricking iOS Safari into accepting ad cookies, regardless of security settings

Internet giant Google found itself in a middle of a potential public relations nightmare following a Wall Street Journal article this morning. Tentatively titled “Google’s iPhone Tracking,” the article asserts that “Google Inc. and other advertising companies have been bypassing the privacy settings of millions of people using Apple Inc.’s Web browser on their iPhones and computers” to follow iPhone users even after they explicitly set Safari’s privacy controls to disable such tracking. According to authors Julia Angwin and Jennifer Valentino-Devries, Google used “special computer code that tricks Apple’s Safari Web-browsing software into letting them monitor many users.” Google apparently disabled the problematic code after the newspaper contacted the Mountain View, Calif.-based Company.

Stanford researcher Jonathan Mayer discovered that although mobile Safari’s default setting blocks cookies from third parties and advertisers, Google and advertising companies Media Innovation Group, Vibrant Media, and Gannett PointRoll fooled mobile Safari into thinking “a person was submitting an invisible form to Google,” letting them in turn install a tracking cookie on users’ iPhones and PCs without consent.

Once a cookie installed, a Safari glitch allowed subsequent cookies to attach. Both Google and Apple issued statements following this morning’s report…

Read more

FTC criticizes poor privacy disclosures in apps for kids, says industry must improve standards

Let’s take a quick break from the hordes of Mountain Lion OSX news to talk about privacy issues within apps…again. However, this time the spotlight is on children’s apps in both Apple’s App Store and Google’s Android Marketplace.

The Federal Trade Commission released a report today (PDF) based on a survey that found apps for children do not fully disclose the types of data collected nor do they adequately educate parents about data harvesting.

The consumer protection agency scrutinized privacy policies, recommended each developer give comprehensible disclosures on how data is accrued and shared, including whether children’s data is linked to social network apps, and it even mentioned conducting a six-month review on disclosures and using enforcement if needed. The report focused on the two main app stores themselves and requested more be done to tell children and their parents about privacy concerns…

Read more