FTC Intensifies Mobile Privacy Focus

The Federal Trade Commission is intensifying its focus on mobile privacy. Today, the agency published tips for consumers to protect their privacy when using mobile apps, and recently, FTC Commissioner Julie Brill suggested that do-not-track should apply to mobile platforms.

“It’s not always easy to know what data a specific app will access, or how it will be used,” states the “Understanding Mobile Apps” feature just added to the OnGuardOnline.gov site maintained by the FTC. The resource explains that applications can “access phone and email contacts, call logs, internet data, calendar data, data about the device’s location, the device’s unique IDs, and information about how you use the app itself,” sometimes when the data is not related to the app’s purpose.

“If you’re providing information when you’re using the device, someone may be collecting it – whether it’s the app developer, the app store, an advertiser or an ad network. And if they’re collecting your data, they may share it with other companies,” it continues.

“We’re working to integrate mobile into all of our programs and initiatives,” said Patti Poss, who heads up the mobile team for the Bureau of Consumer Protection.

Brill spoke yesterday regarding do-not-track and mobile privacy at the Center for American Progress, suggesting that there should be a do-not-track mechanism for mobile. In the version of her keynote featured on the FTC website, she stated, “Consumers should not be expected to make tracking choices on a company-by-company basis. This raises the issue, also flagged by staff in our report, of whether do-not-track should be extended to the mobile environment. With so much information about consumers exchanged in that space, I believe the answer is yes.”

The Understanding Mobile Apps resource also warns consumers, “Even if you turn off location services in your phone’s settings, it may not be possible to completely stop it from broadcasting location data.”

Publishing the mobile app resource doesn’t necessitate that “developers will automatically start incorporating privacy by design in mobile apps, but we probably can influence how apps are created,” through trade associations, mobile service providers, and other entities, said Nat Wood, the FTC’s assistant director in the Bureau of Consumer Protection.

Wood and Poss spoke with ClickZ News after attending a mobile geo-location workshop held by the Federal Communications Commission.

During a Senate Commerce Committee hearing on online privacy in March, FTC chairman Jon Leibowitz said the FTC had “multiple investigations going on” that involve companies providing “inadequate” notice of mobile data collection and buried privacy policies.

In her keynote, Brill also reiterated a sentiment other FTC commissioners have expressed, alluding to the self-regulatory program established by a coalition of advertising trade groups. “Do-not-track must do more than just prevent the consumer from receiving targeted advertising: it must provide the consumer with an opportunity to stop the collection of information about her online behavior.”

Brill also discussed mobile privacy for children. She mentioned that the FTC-enforced Children’s Online Privacy Protection Act covers “interactive mobile applications, games, and social networking services. However, she added the agency is looking closely at “whether certain mobile communications, such as text messages, are online services that come under the rule.”

Related reading