Today, the Future of Privacy Forum and the Center for Democracy & Technology publicly released a beta version of their “Best Practices for Mobile Applications Developers.” We have been working on this guidance over the past year in consultation with stakeholders from industry and civil society, both in the United States and abroad. We hope that this document can serve as a primer for developers who are interested in preserving their customers’ privacy but who aren’t necessarily privacy experts themselves.
We started on this project because of heightened privacy issues in the mobile environment. Application developers can access a considerably broader range of information about users than traditional web developers. Last year, the Wall Street Journal reported that of the top 101 apps, most were transmitting personal information about users, such as unique device identifiers, age, gender, and precise geo-location information to third parties. Research from the Future of Privacy Forum has shown that even in the most popular applications, less than half have privacy policies detailing what they do with customer data.
The best practices are based on long-established privacy principles that we believe should apply to everyone who collects and processes individual information, not just mobile developers. Among the recommendations that we make to developers are:
This is not a final pronouncement on our view as to what app developer best practices are. We’re soliciting public comment on this draft — if you have feedback, please send your thoughts to firstname.lastname@example.org
Also, check out the survey we released yesterday finding that Free Mobile Apps are Better than Paid on Privacy Policies.