FTC Pushes Privacy Guidelines for Mobile: What It Means for Hyperlocals
Hyperlocal businesses that rely on location-based services to reach customers must consider new safeguards — such as “up-front” disclosures and “do not track” mechanisms — to stay in line with new mobile guidelines issued Friday by the Federal Trade Commission. Although the new FTC guidelines are not enforceable regulations, they are aimed at coaxing best practices from the industry before regulators and lawmakers decide to take further measures to regulate data collected from consumers on mobile devices.
“The mobile world is expanding and innovating at breathtaking speed, allowing consumers to do things that would have been hard to imagine only a few years ago,” said FTC Chairman Jon Leibowitz in a prepared statement. “These best practices will help to safeguard consumer privacy and build trust in the mobile marketplace, ensuring that the market can continue to thrive.”
The new FTC report recommends mobile platforms, such as those running on Apple’s iOS, Google’s Android, the BlackBerry, and Microsoft Windows, do the following:
- Provide just-in-time disclosures to consumers and obtain their affirmative express consent before allowing apps to access sensitive content like geolocation.
- Consider developing a one-stop “dashboard” approach to allow consumers to review the types of content accessed by the apps they have downloaded.
- Weigh the creation of icons to depict the transmission of user data.
- Consider offering a “do not track” mechanism for smartphone users.
The report then shifts its focus to application developers (which likely affect hyperlocal services), urging them to:
- Provide just-in-time disclosures and obtain affirmative express consent before collecting and sharing sensitive information.
- Consider participating in self-regulatory programs, trade associations, and industry organizations, which can provide guidance on how to make uniform, short-form privacy disclosures.
Advertising networks should work with app developers so that developers can provide truthful disclosures about information collected by the networks and work with mobile platforms to implement a do not track mechanism for the mobile operating systems, according to the FTC. Finally, the FTC report urges application developer trade associations, along with academics, usability experts, and privacy researchers, to work with industry to develop short-form disclosures for app developers and promote standardized app developer privacy policies.
“These principles are universal and uncontroversial: Tell consumers what you’re doing with their data,” Leibowitz said. “Don’t mislead them. And once you have their data, be responsible stewards; safeguard that data from hackers, identity thieves, and other malefactors.”
What is the next step for hyperlocal businesses? They should keep track of developments as industry groups begin to explore ways to self-regulate to assure compliance with the new FTC guidelines. Organizations to consult may be the Mobile Marketing Association, the Digital Advertising Alliance, or the Direct Marketing Association. Hyperlocal businesses also should follow changes that mobile application platforms, such as those offered by Apple, Google, Microsoft, and the BlackBerry, may impose on developers who plan to distribute their applications through the mobile platforms. Hyperlocal businesses should be prepared to modify their applications as these organizations implement self-regulatory strategies for mobile applications.
Brian Dengler is an attorney and journalist who covers legal and business issues in media and information technology law. He is a former vice president of AOL, a former newspaperman, and an Emmy-winning TV journalist. He teaches media management, media law, and journalism ethics at Kent State University. He recently was honored by being included among the Best Lawyers in America for 2013 for information technology.