Over The Air 2010: Privacy for Mobile Developers
Upcoming SlideShare
Loading in...5
×
 

Over The Air 2010: Privacy for Mobile Developers

on

  • 1,468 views

A talk by Kasey Chappelle and Ricardo Varela about guidelines for implementing privacy in your mobile applications

A talk by Kasey Chappelle and Ricardo Varela about guidelines for implementing privacy in your mobile applications

Statistics

Views

Total Views
1,468
Views on SlideShare
1,462
Embed Views
6

Actions

Likes
2
Downloads
28
Comments
0

3 Embeds 6

http://renaissancechambara.jp 4
http://www.linkedin.com 1
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Over The Air 2010: Privacy for Mobile Developers Over The Air 2010: Privacy for Mobile Developers Presentation Transcript

    • Privacy for Mobile Developers Kasey Chappelle http://www.vodafone.com/start/privacy.html Ricardo Varela http://twitter.com/phobeo OverTheAir 2010 image borrowed from http://xkcd.com
    • What is Privacy?  The ability of individuals to know of, and to express choice and control over how information about them is collected, shared and used
    • Why should I care?  Your users (increasingly) care  The press loves a privacy story  Regulators are watching
    • Some defnitions: Personal Information  Data relating to an identifed or identifable individual, for example: ● collected via an application UI ● gathered indirectly from  To be identifed, an user's device individual doesn't need to ● gathered from user's be called by name, their behaviour information may be associated to a unique ● generated by the user identifer
    • Some defnitions: Location data  Information that identifes the geographical location of a user's device, which may include GPS coordinates, cell id info, wif essids or other less granular data such as town or region
    • Some defnitions: Active Consent  Affrmative indication of agreement by the user to a specifc and notifed use of their personal information. Must be captured in a way in which consent is not the default option.
    • About Transparency, Choice and Control
    • Be transparent  Tell your user who you are, what personal information your app will use and why, and who else you might share it with
    • Be transparent A good place to put this is in your privacy policy, clearly linked from the app
    • Be transparent A good place to put this is in your privacy policy, clearly linked from the app
    • Be transparent Remember that just teling the user WHAT you need doesn't tell them WHY you need it
    • Be transparent Remember that just teling the user WHAT you need doesn't tell them WHY you need it
    • No surreptitious data collection  Before users activate the app, make them aware of features that might affect their privacy  Eg: don't access/use location data without letting them know
    • No surreptitious data collection Remember that there is some data you may have access to even without specifc APIs or prompting (for example, location from their IP) and inform your user if you intend to use it too
    • Identify yourself  Users must know who is using their personal information so they can exercise their rights to access, correct and delete information.  That info can be included in the application itself
    • Identify yourself Can the user easily fnd contact information inside the app?
    • Identify yourself Can the user easily fnd contact information inside the app?
    • Minimize the info collected  The application should collect and use only the info required for its normal operation and other legitimate uses (e.g., consent, required by law)
    • Minimize the info collected Do you really need all that information?
    • Gain their consent  Sometimes (but not always) users will need to give active consent to use of their information: secondary purposes, public display, sharing with third parties or remote/persistent storage
    • Gain their consent Will the users be aware I'm about to do this action with their data?
    • Gain their consent Will the users be aware I'm about to do this action with their data?
    • Help them choose  Make users aware of the privacy-related default settings and allow them to exercise their privacy choices (in an easy way)  You can help a user decide by showing the consequences of the actions being proposed
    • Help them choose Do users understand what they are allowing you to do?
    • Beware of the blanket  Whenever you access data with a blanket permission (no prompts required) be sure to show your own prompt reminding the user that this is the case, at least once and until the user confrms they want no further reminders image borrowed from http://www.starkeith.net/
    • No silent updates  Inform the users of material changes in the way your application will collect their data BEFORE you enable the changes. If the change is essential for the application, give them a chance to disable/exit the application
    • No silent updates Use whichever mechanisms your platform has to let users know what has changed
    • No silent updates Use whichever mechanisms your platform has to let users know what has changed
    • Don't facilitate stalking or surveillance  Applications should not collect, use or share data about someone other than the user except when the other party has chosen to publish that information
    • Don't facilitate stalking or surveillance
    • About Data Retention and Security
    • Tell them why  Inform the user why you need to retain her personal data and for how long you need to keep it (and make sure it's justifable)
    • Tell them why Make sure your data management policy is justifed
    • Explain them how you know so much  Whenever you offer results based on data mining, try not to surprise your user by providing some explanation about how their data has been used to reach those conclusions
    • Explain them how you know so much Let the users know what part of their information you use to minimize the surprise
    • Keep it secure  User data stored on the device or remotely must be stored somehow securely, for example by being encrypted (and ensuring the encryption keys are kept in a trusted environment)
    • Keep it secure Ensure some form of encryption when storing the users' information
    • Delete my data if I ask you to  Give the users a way to either delete their data themselves or contact you and ask you to delete it.
    • About Advertising
    • Not all Advertising has an impact in Privacy  When we talk Advertising here, we refer to Advertising that uses personal information, such as targeted advertising, or advertising that involves user data being send to a third party, such as embedding a third party ad tracking code
    • Let me know you have Ads  Let users know the application will display ads before they activate it. Additionally you can mention what to do if they don't want ads (like getting the paid-for app)
    • Let me know you have Ads Users should know beforehand what to expect
    • Let me know you have Ads Users should know beforehand what to expect
    • rd Give users choices about 3 parties  If you're using analytics or network advertisers, you're required by law to let users know (generally in a privacy policy) and tell them how to opt out (or get their opt in, in some countries).
    • rd Give users choice about 3 parties Let me opt out if I don't want to share data (and is not essential to the service)
    • Target advertisement using legitimate data  Avoid targeting ads using personal information which hasn't been collected for the application's primary purpose
    • Respect the privacy of my network  Don't spam your users' contacts - applications should not collect information about or send messages to contacts without the user's active consent
    • Respect the privacy of my network Don't spam my contacts
    • About Children and Adolescents
    • Age verify where possible and appropriate  If the application context requires features like social network access or displays restricted content, integrate age verifcation controls. When not possible, you can implement self-certifcation asking for a date of birth before activation of the application or feature.
    • Age verify where possible and appropriate If nothing else is available, self-verifcation is fne
    • Set privacy-protective default settings  Applications targeted at children and adolescents should will require careful treatment of social features, especially those using location.
    • In summary...
    • High Level Principles  Be transparent – don't surprise your users with unexpected data uses or sharing  Be reasonable – if you don't need data, don't collect it; if it's no longer needed, don't keep it  Give your users meaningful choices about how their data is collected, used and shared  Respond to your users' queries – in some cases, the law requires it
    • Thanks! :) Kasey Chappelle http://www.vodafone.com/start/privacy.html Ricardo Varela http://twitter.com/phobeo thanks to Belen Albeza (@ladybenko) for the cartoons!