Mobile privacy has been a hot issue lately. Apps like Path have been fined recently for leaking user data, and last year the White House announced a “Consumer Privacy Bill of Rights” that encouraged app developers to collect limited personal data and to tailor privacy disclosures to mobile devices.
Now the FTC has issued a report suggesting privacy guidelines aimed at mobile developers. It’s important to note that this report consists of only suggestions, and no single point is mandatory – yet. The timing of the FTC’s report, released on the same day it settled with Path, suggests this may only be its first step in addressing mobile privacy concerns.
In its report, the FTC suggests that developers should build in privacy at every stage in developing their products, should provide consumers with choices related to privacy at a relevant time and context, and should disclose details about their collection and use of consumers’ information. Additionally, the FTC suggests that developers should consider “offering a Do Not Track (DNT) mechanism for smartphone users.” In the report is a myriad of suggestions describing how both developers and platforms can implement these privacy disclosures, including flashing notifications when data is being collected. It should be noted however that the FTC admits such ambiguous icons may only serve to confuse consumers.
Clearly, the FTC believes users need – and want – more obvious privacy options. It notes that “57% of all app users have either uninstalled an app over concerns about having to share their personal information, or declined to install an app in the first place for similar reasons.”
Additionally, “In a 2011 survey of U.S. smartphone users, less than one-third of survey respondents reported feeling in control of their personal information on their mobile devices.” However, in referencing that second point of data, the FTC points to TRUSTe’s Mobile Privacy Survey Results, which indicated that only 19% of consumers feel identity tracking is a primary concern when using mobile apps. (38% identified “privacy” as a primary concern.)
With so much data pointing to a sentiment that mobile users are concerned about their privacy, why are so few mobile users actually concerned about outstanding privacy issues – especially those surrounding identity? While users are undoubtedly inclined to stop using an app that obviously collects too much personal information. most users are unaware of the data being quietly collected as they browse the web, click on ads and yes – even use apps. Most consumers have never heard of the controversy surrounding Do Not Track, and I’m inclined to believe the average consumer wouldn’t read about it anyway.
It’s not that 81% of consumers don’t feel identity tracking on mobile isn’t a primary issue. It’s more likely they don’t know what it is, what it does – or if they are concerned, that there are existing options to turn it off on most mobile devices or, as is the case with the recently released iOS 6.1, reset their tracking ID.
The FTC has likely started paving the path for what will one day be guidelines – not just suggestions – for mobile developers and platforms that will define how the industry must address privacy on mobile devices. As mobile continues to become more mainstream, it will be interesting to see if users continue to be unaware of current privacy options. If this trend continues, this will then beg the question – will actual guidelines by the FTC be necessary to protect consumers’ interests?