• by Allison Fitzpatrick , Alison Winter , April 10, 2012

The App Store has over 500,000 apps for work, play and everything in between.  There are apps for news, finance, travel, social networking, games and everything else you can imagine.  There is even a turkey call app for those who enjoy turkey hunting. (For the record, the authors of this article do not condone that activity – so please no letters!)  

But at what cost are all these apps? For consumers, it is the loss of privacy.  For members of the app industry, it is the constant scrutiny of their privacy and data collection practices on both the state and federal level.   

Scrutiny at the State Level

In February, the California Attorney General announced a global agreement with the leading operators of mobile application platforms, including Amazon.com, Apple, Google, Hewlett-Packard, Microsoft, and Research in Motion, which commits the operators to improved privacy protections for app users.

One such improvement is the requirement that mobile apps collecting personal information conspicuously post a privacy policy describing the apps’ privacy practices (a notable development, given the fact the majority of mobile apps today do not include a privacy policy).

App users will also have a means to report apps that fail to comply with applicable policies and/or laws. Notably, developers that fail to comply with their stated privacy policies could be prosecuted under California’s Unfair Competition Law and/or False Advertising Law.

While no timetable has been set for implementation, the California Attorney General will meet with the leading mobile app operators in six months to assess privacy practices in the mobile space.

Scrutiny at the Federal Level

Last month, House Representatives Henry A. Waxman and G.K. Butterfield sent letters to 34 makers of popular apps, including Twitter, Facebook, Foursquare and Instagram, requesting information about their data collection practices. The requests follow reports that certain social networking apps pulled users' address book data without permission.

Congress is seeking this information to better understand what information is collected by particular apps, what these apps do with this information and what notice they provide to app users. Then, they can “begin building a fact-based understanding of the privacy and security practices in the app marketplace.”

This congressional scrutiny comes on the heels of the Federal Trade Commission’s report on mobile apps for kids --“Mobile Apps for Kids: Current Privacy Disclosures are Disappointing” -- which found that there was a lack of privacy information available to parents before downloading mobile apps for their children.  

According to the FTC, app developers should provide privacy information in simple and short disclosures or icons that are easy to find and understand on the small screen of mobile devices.  To this end, on May 30, 2012, the FTC will host a public workshop on revising its online advertising disclosure guidelines -- known as “Dot Com Disclosures” --to provide clear and conspicuous disclosures in the current online and mobile advertising environment.  

Given the astounding rate of growth of mobile apps, it is not surprising that regulators and lawmakers are focusing on the privacy issues raised by such apps. In light of current scrutiny on both the state and federal level, the mobile app industry must pay special attention to developments in this area.