The Year of Mobile (Privacy)

Reviewing recent history, every year since the launch of the iPhone and subsequent OS was supposed to be the the year of mobile – device adoption, breakthroughs in monetization, the majority screen, the only screen. And in some respects this came to fruition. A majority of U.S. adults own smartphone devices.

This momentous migration to smartphones and tablets brought with it a whole host of questions about consumer expectations and privacy. Your location became more precise. Your photo album or address book was accessible by unrelated apps. Cookies were placed on the backburner behind device and statistical identifiers. But for many regulators and privacy experts, the year of mobile meant becoming mired in the technology itself, or focused only on the new parties at the table such as app developers. And, there are no shortage of mobile privacy guidelines, codes of conduct, and best practices documents in the marketplace today reflecting this knee-jerk reaction to the technological changes and new market entrants.

The reality is, my colleague Joe Laszlo got it right back in June in his ClickZ column “(Re)Defining Mobile“: mobile is a behavior, not a technology. Industry innovation runs concurrent with consumer behavior. This means safeguarding consumer privacy must be about meeting the consumer’s expectations, wherever she is, no matter the device.

Last week, the Digital Advertising Alliance (DAA) released guidance on the “Application of Self-Regulatory Principles to the Mobile Environment.” Building on the success of the Self-Regulatory Program for Online Behavioral Advertising and the collection of multi-site data, the DAA, with the help and resources of the IAB Mobile Marketing Center of Excellence, captured the unique complexities of the mobile marketplace in seamless, technology-neutral principles that extend far beyond any mobile privacy guidance in-market today.

The result? Transparency and consumer control over data collection practices, regardless of the device, technology, or the party doing the collection.

• The DAA Mobile Guidance sets a high standard. The consumer must consent to the collection of precise geo-location data and personal directory data (such as data from your address book, calendar, photo album, or text logs); and, just as with multi-site data, the consumer can now exercise choice over data collected across applications.
• The DAA Mobile Guidance covers every step of the value chain. At the same time consumers are spreading their time out over multiple screens and devices, the industry is approaching a new phase of convergence and horizontal business development. A wireless carrier may also serve as an ad network, a publisher, or an app developer. Consumer-facing control over data collection must be simple and about the practice of collection, not the entity doing it. This is why the DAA Guidance covers all industry parties as it relates to their specific data collection practices.
• The DAA Mobile Guidance, unlike other codes and best practices, is enforceable. When a consumer exercises choice and control over data collection, it is then backed up with the teeth of accountability through third-party enforcement by the Council of Better Business Bureaus (CBBB). Even more, if a party cannot be brought into compliance with the code, the CBBB will refer the offending party to the Federal Trade Commission (FTC) for further investigation.

In what became a nearly two-year long process to better understand the complex mobile marketplace and to create seamless rules of the road that translated across all channels, the DAA accomplished an unprecedented new standard in consumer control. But, we are not done. Just as the industry innovates at a pace rivaling Moore’s Law, so, too, must our standards in safeguarding consumer privacy.

Image on home page via Shutterstock.