It has been six months since Kamala Harris, California’s attorney general, started to talk to six of the world’s most powerful hi-tech companies about improving the protection of privacy of those that use mobile computing devices such as smartphones and tablets.
Privacy Policy Must Pop Up
Now the Golden State is finally taking action, telling these companies and others that they must forewarn users that they are extracting sensitive information from their mobile devices and to stop if the users ask them to.
The talks which continued over the course of the last half year led to an agreement which will force mobile apps which collect personal information to display “privacy policies” before their services are installed via the apps on their device.
The six mobile mega-giants who are cooperating with Harris on this endeavor are Apple Inc, which produces iPhones and iPads; Google Inc, the search engine icon and maker of the Android operating system mobile software; Amazon.com Inc, maker of Kindle Fire tablets; Microsoft Corp, producer of mobile versions of its ubiquitous computer operating system; Research in Motion, creator of BlackBerry mobile phones; and Hewlett-Packard, which is giving its mobile software to the open-source community of users.
“We are assuming everyone is going to cooperate in good faith and not get cute,” said Harris, who plans to review compliance with the guidelines in six months.
Feds Getting Into the Act
The Obama administration is also venturing into the new territory of trying to reign in what has otherwise been an almost free-for-all development of applications which often have very troubling implications for the constitutionally protected right to privacy of individuals in the United States. On Thursday the federal government will issue new guidelines that it would like to see adopted by technology companies, namely, creating codes of conduct for mobile apps in addition to a number of other digital services.
Harris explained that most mobile apps don’t even have any privacy policy. Part of the reason for this omission is confusion over whether or not a seven-year old law applies to them. The law states that online services that collect personal information must “conspicuously post” a privacy policy. Even the most intrusive of apps, the ones that crawl through address books and other personal files found on smartphones and tablets, don’t post a privacy policy. Apps with this data can often attract more users, or even make their services more compelling.
“I would suggest most consumers don’t want that to happen and in most cases don’t know that is happening,” Harris said.
Lawsuits on the Horizon?
Harris says she will sue any mobile app maker who sucks up personal date without telling their users that they are doing so. Even when mobile app developers do obey the law, Harris admitted, it might still not be enough to protect most people, who will hesitate before reading long and hard to understand privacy policies. It is easier for most people to just check “accept” and not worry about the consequences.
On the other hand, just being forced to take the time and write a coherent privacy policy might be all that is needed to persuade mobile app developers to think about what they are doing more thoroughly, believes Jon Fox, a consumer advocate for the California Interest Research Group.
“Having privacy policies is step one to protecting consumers’ personal information,” Fox said in a statement. “Step two is making sure the privacy policies are strong.”