FPF & CDT Release Best Practices for Mobile App Developers

FPF & CDT Release Best Practices for Mobile App Developers

Today, the Future of Privacy Forum and the Center for Democracy & Technology publicly released a beta version of their “Best Practices for Mobile Applications Developers.” We have been working on this guidance over the past year in consultation with stakeholders from industry and civil society, both in the United States and abroad. We hope that this document can serve as a primer for developers who are interested in preserving their customers’ privacy but who aren’t necessarily privacy experts themselves.

We started on this project because of heightened privacy issues in the mobile environment. Application developers can access a considerably broader range of information about users than traditional web developers. Last year, the Wall Street Journal reported that of the top 101 apps, most were transmitting personal information about users, such as unique device identifiers, age, gender, and precise geo-location information to third parties. Research from the Future of Privacy Forum has shown that even in the most popular applications, less than half have privacy policies detailing what they do with customer data.

The best practices are based on long-established privacy principles that we believe should apply to everyone who collects and processes individual information, not just mobile developers. Among the recommendations that we make to developers are:

  • Be completely transparent about how you are using or transmitting customer data

  • Don’t access more data than you need, and get rid of old data

  • Give your customers control over uses that users might not expect

  • Use reasonable and up-to-date security protocols to safeguard data

  • As the app developer, you need to be responsible for thinking about privacy, and taking privacy into consideration during the various stages of your app life cycle


This is not a final pronouncement on our view as to what app developer best practices are.  We’re soliciting public comment on this draft — if you have feedback, please send your thoughts to info@futureofprivacy.org


Also, check out the survey we released yesterday finding that Free Mobile Apps are Better than Paid on Privacy Policies.

Leave a Reply

Privacy Calendar

all-day Indoor Location, Privacy and Avoiding “The Creepy Line” @ W New York - Union Square
Indoor Location, Privacy and Avo… @ W New York - Union Square
Jul 22 all-day
Consumer privacy is probably the key issue facing digital marketers: personalization and targeting vs. “surveillance.” As smartphones increasingly make data about offline consumer behavior available, [...]
all-day Big Data: A Tool for Inclusion or Exclusion? @ Constitution Center
Big Data: A Tool for Inclusion o… @ Constitution Center
Sep 15 all-day
The Federal Trade Commission will host a public workshop entitled “Big Data: A Tool for Inclusion or Exclusion?” in Washington on September 15, 2014, to [...]
all-day IAPP Privacy Academy and CSA Congress 2014 @ San Jose Convention Center
IAPP Privacy Academy and CSA Con… @ San Jose Convention Center
Sep 17 – Sep 19 all-day
This fall, the International Association of Privacy Professionals (IAPP) and Cloud Security Alliance (CSA) are bringing together the IAPP Privacy Academy and the CSA Congress [...]
6:00 pm Consumer Action’s 43rd Annual Awards Reception @ Google
Consumer Action’s 43rd Annual Aw… @ Google
Oct 21 @ 6:00 pm – 8:00 pm
To mark its 43rd anniversary, Consumer Action’s Annual Awards Reception on October 21, 2014, will celebrate the theme of “Train the Trainer.” Through the power of [...]
all-day Data Privacy Day
Data Privacy Day
Jan 28 all-day
“Data Privacy Day began in the United States and Canada in January 2008, as an extension of the Data Protection Day celebration in Europe. The [...]

View Calendar