Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade Commission

331 views

Published on

Mobile Apps for Kids: Current Privacy Disclosures are Dis app ointing

This session will lay out the key findings of the FTC’s staff report on kids apps, which recommends that players in the kids mobile app ecosystem provide better information to parents about apps’ data collection practices. We will also discuss the FTC’s recent privacy initiatives and their application to mobile channels.

Patricia Poss, Chief, BCP Mobile Technology Unit, Division of Financial Practices. Bureau of Consumer Protection - Federal Trade Commission

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
331
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Mobile Web and Apps World New Orleans Session 10 Patricia Poss Federal Trade Commission

  1. 1. Patricia PossFederal Trade Commission The views expressed are those of the speaker and not necessarily those of the FTC or any other person. 1
  2. 2.  Mobile Technology Unit Law enforcement actions Policy initiatives 2
  3. 3.  Dedicated staff Technologist assistance Testing capabilities 3
  4. 4.  Section 5 of the Federal Trade Commission Act broadly prohibits “unfair or deceptive acts or practices in or affecting commerce.” ◦ Deception  a material representation or omission that is likely to mislead consumers acting reasonably under the circumstances ◦ Unfairness  practices that cause or are likely to cause substantial injury to consumers that are not outweighed by countervailing benefits to consumers or competition and are not reasonably avoidable by consumers. Flexible law that can be applied to many different situations, entities, and technologies. 4
  5. 5.  W3 Innovations Frostwire Google Facebook Mobile background screeners - warning letters 5
  6. 6.  Complex ecosystem ◦ Operating system providers ◦ Application developers ◦ Handset manufacturers ◦ Carriers ◦ Ad networks ◦ Service providers 6
  7. 7.  Screen size Communication channels: texting, mobile web browser, mobile apps “On the go” nature of use Personal Additional hardware capabilities – camera, microphone, gyroscope, compass, etc. GPS & location features Easy sharing of user information Rapidly evolving technology 7
  8. 8.  Who collects what information? How is it used? With whom is it shared? Are consumers being adequately informed? Do they have a choice? 8
  9. 9.  Issued Final Report, March 2012. Applies to Mobile environment. Key elements: Privacy by Design, Simplified Choice, and Greater Transparency. 9
  10. 10.  Collection and use of data is ubiquitous and often invisible. Consumers lack an understanding of the nature and extent of this collection. Many consumers are concerned. Collection and use has led to significant benefits. Traditional distinctions between personally identifiable and anonymous data are blurred. 10
  11. 11.  Make privacy the “default” setting for commercial data practices. Give consumers greater control through simplified choices and increased transparency. Implementing will enhance trust and stimulate commerce. 11
  12. 12.  Intended to articulate best practices for companies. Intended to assist Congress as it considers privacy legislation. Not intended to serve as a template for law enforcement action or regulations. 12
  13. 13.  “Bake-in” privacy -- Companies should promote consumer privacy throughout their organizations. Companies should incorporate substantial privacy protections into their practices, such as data security, reasonable collection limits, sound retention and disposal, and data accuracy. 13
  14. 14.  Limit collection to data they need for a requested service or transaction. ◦ Ex. Wallpaper app doesn’t need location. ◦ Location data collection heightens need for reasonable policies for purging data. ◦ Minimize the risk that information could be used in harmful or unexpected ways. Calls on mobile entities to establish standards that address data collection, transfer, use and disposal, particularly for location data. 14
  15. 15.  If data is shared with third parties, work to provide more prominent notice and choices about such practices. Not all companies have adequately disclosed the frequency or extent of the collection, transfer, and use of data. 15
  16. 16.  Provide easy-to-use choice mechanisms that allow consumers to control whether their data is collected and how it is used. Companies do not need to provide choice for practices that are consistent with the context. ◦ Fraud preventions, internal operations, fulfillment, legal compliances and public purpose, and first-party marketing. For practices requiring choice, companies should offer the choice at a time and in a context in which the consumer is making a decision about his or her data. Companies should obtain affirmative express consent before: ◦ 1) using consumer data in a materially different manner than claimed or ◦ 2) collecting sensitive data. 16
  17. 17.  Increase the transparency of data practices. Privacy notices should be clearer, shorter, and more standardized to enable comprehension and comparison. Calls on mobile participants to develop short meaningful disclosures. ◦ Urges companies providing mobile services to develop standard notices, icons, and other means to communicate with consumers in a consistent and clear way. ◦ Dot Com Disclosure Workshop – May 30, 2012. 17
  18. 18. 18
  19. 19.  Reviewed kids apps in Apple’s iTunes App Store and Google’s Market. Looked for disclosures available in the app stores or on developers’ websites. Very little information disclosed prior to download. Recommendation – app stores, developers and other ecosystem participants need to improve disclosures regarding data practices. 19
  20. 20. 20
  21. 21. 21

×