App Developer Privacy Guidelines: Checklist (Legal Update)
May 20, 2014
Are you a software app developer? If so, you should read this brief summary of some of the best published privacy guidelines for app developers.
The Federal Trade Commission (FTC), the Attorney General for the State of California, and the Future of Privacy Forum and Center for Democracy & Technology have each created a great privacy guideline document for app developers. If you are a developer you need to be informed about this topic, as missing these suggestions can cost you a lot (remember the Path.com app privacy fiasco?).
App Developer Privacy Guidelines: Checklist
To help consolidate this information, I’ve included high-level highlights and summaries here, including an extremely useful 7-point checklist from the FPF and CDT:
App Platforms
- Make app privacy policies accessible from the app platform
- Use the platform to educate users on mobile privacy
- Use Just-In-Time Disclosures
- Use privacy icons
App Developers
- Review the collection and use of personally identifiable data
- Create a clear Privacy Policy
- Use Enhanced Measures, especially in app notices (more info here)
- Use Just-In-Time Disclosures
Mobile Ad Networks
- Avoid out-of-app ads
- Create a Privacy Policy
- Move away from device identifiers to temporary identifiers (see CarrierIQ Situation)
Mobile Carriers
- Educate mobile customers on privacy issues
7-Point Checklist from the Future of Privacy Forum and Center for Democracy & Technology
- Practice “Privacy by Design” (this is a Canadian concept, but it has been adopted by the FTC)
- Make Your Privacy Policy Easily Accessible
- Communicate Openly & Effectively
- Provide Users with Choices & Controls
- Use Enhanced Notices
- Ensure Accountability
- Secure Your Users’ Data!
As you can see, every app developer needs to get up to speed on the latest information regarding app privacy. Keep in mind that my blog post is only a very brief outline of the issues, so please read the actual guideline documents (links below). Also, all of these guideline documents are recent (from 2011-2013), so I would read them now (or give them to your app developer to read).
Resources
- FPF and CDT: Best Practices for Mobile Application Developers
- FTC: Mobile Privacy Disclosures – Building Trust Through Transparency
- California Attorney General: Privacy on the Go
Disclaimer: This post is for informational and educational purposes only, and is not legal advice. You should hire an attorney if you need legal advice, which should be provided only after review of all relevant facts and applicable law.