California to Develop Mobile Privacy Guidelines
The state of California will issue a set of best practices for mobile app developers this summer, responding to concerns that have emerged nationwide about smartphone use and privacy.
The California Office of Privacy Protection will likely release guidelines in July to advise technology companies about data collection, data sharing and written privacy policies, Joanne McNabb, chief of the office, said Wednesday at an app developers' privacy summit.
Mobile apps can access the personal data stored on smartphones, including a user's physical location and personal contacts, spurring discomfort among some users and privacy advocates.
Earlier this year, California announced a deal with the major mobile platform vendors that would require app makers to make privacy policies readily available to users. The guidelines from the Office of Privacy Protection should make it easier for companies to comply with state law.
California is home to many of the biggest mobile and Internet players, so its regulations could affect privacy practices worldwide.
The Office of Privacy Protection has no regulatory power, but McNabb suggested that well-designed best practices could rein in some of the current excesses in data collection, which several people at the privacy conference likened to the wild West.
"The practices and recommendations we come up with are not a floor of legal compliance, nor are they a ceiling of ideal. I think of them as about chair-rail height. You want to push higher than [developers] are required to go," she said.
Developers want guidance in the current climate of concern over mobile privacy, according to McNabb. And the apps ecosystem is not yet too entrenched to change.
"It's a time in the development of that industry sector where privacy by design is possible; the standards and even business models are not entrenched the way they are in other aspects of the technology world," said McNabb. "It's a teachable moment."
The guidelines will be developed with an advisory panel of privacy experts and industry stakeholders including mobile platform providers, advertisers, the GSMA mobile carriers association and the Application Developers Alliance.
The guidelines will build on recommendations already developed by the GSMA, the World Wide Web Consortium and the Center for Democracy and Technology.
Cameron Scott covers search, web services and privacy for The IDG News Service. Follow Cameron on Twitter at CScott_IDG.