Mobile App Privacy Needs To Grow Up And Shrink Down
At this week’s Mobile Insider Summit in Key Largo, Fla., ESPN SVP of Mobile Michael Bayles laid on us a striking stat from a brand that is as mobilized as any I can name. He said the company is seeing growth in apps at five times the rate of growth of its massively popular Web site. Many of us in mobile media heard throughout 2011 that the mobile Web was ascendant after years of focus on apps. Bayle tells us that among its leading edge users, the move to apps is on. Whether this applies across content and brand categories is an open question, but apps are a critical piece of the media mix now, and it is time we started treating their privacy policies with some seriousness.
The Mobile Marketing Association this week issued guidelines for app designers crafting privacy policies. This is sorely needed, but it only begins to address the larger issue of managing privacy issues on mobile.
The first part of this project is doing what the MMA has done: offer a set of templates for designers that they can adapt to their own content category, recommending It recommends a way to speak to the user and which critical aspects of data collection need to be addressed. Of particular importance on mobile is the distinction between automatically collected information (data collected without user input) and data provided by the user via form filling and registration.
On mobile the critical component for many people will be location information. While mobile phones communicate back to publishers the same sort of data a browser does (operating system, browser type) they also can communicate the device’s unique ID as well as real time location information. I would love to see more research done on the levels of sensitivity consumer have to different kinds of data collection, but I suspect that real-time and highly precise location information would prove to be among the most sensitive. The MMA takes care in singling this data point out and advising publishers to spell out what kinds of location information is collected and how. They also advise specificity in how the data is used.
Many of the major mobile publishers have started including privacy policies in their apps of one sort or another. And this was not always the case even six months ago. For many media companies and brands, privacy policies seemed to be at best an afterthought.
Huh? Even the privacy policies that do appear in apps actually don’t seem to apply to apps or mobile specifically?
Gee, I am starting to wonder if anyone is getting close. Much to my surprise, one of the most mobile-friendly privacy approaches I see on my smartphone deck comes from one of the most controversial companies in terms of privacy: Facebook. While far from perfect, the Facebook app for iOS gives you both general posting advice and controls but also links to all of the apps already on your deck that are using Facebook Connect. The screens reiterate what information you are sharing with the third parties, and lets you remove the link or adjust the sharing pieces that are not required. While I still find Facebook’s various privacy definitions and distinctions a bit inscrutable, the basic format and level of context-awareness is welcome.
Privacy policies in apps need to be present in all apps, whether from a publisher running advertising or a brand delivering store locators. The policies need to be as brief and clear as legally permissible. But they also need to be as contextually aware as the apps themselves. My guess is that the mobile user is more concerned about some mobile capabilities like location tracking. These are concerns that need to be addressed by something other than a reiteration of a generic Web site policy.