Companies To Start Testing New Privacy Notices For Apps
A coalition of tech companies said on Friday that they will begin testing proposed new “short-form” privacy notices, which are aimed at notifying consumers about data collection by apps.
The short-form notice proposal intends for developers to describe the information collected by apps in a single word, or short phrase -- like “biometrics,” “health information,” “location,” and “browser history” -- followed by brief definitions. For instance, the brief definition of biometrics is “information about your body, including fingerprints, facial recognition, signatures and/or voice print,” according to a draft version of the proposal.
The current version of the recommendations also calls for developers to short phrases to describe the parties that will receive the data -- like “ad networks,” “social networks,” and “consumer data resellers” -- followed by brief descriptions of those types of companies.
The Association for Competitive Technology's ACT 4 Apps -- which includes Apple, Microsoft, Facebook, BlackBerry, PayPal, AT&T and Verizon -- says it will conduct tests in order to “ensure the notices effectively communicate with consumers.”
The short-form notice initiative is the product of a year-long series of meetings convened by the Commerce Department. The agency has been working with tech companies and consumer advocates since last summer, in an attempt to craft mobile privacy recommendations. Late last month, participants in those so-called multi-stakeholder meetings voted to start testing implementations of the proposal.
Some consumer advocates who participated expressed skepticism about the proposal. “We are concerned about a number of issues raised by the proposed code, related to actual mobile app and mobile data business models/practices; the lack of independent user testing; vagueness in definitions and potential loopholes,” the Center for Digital Democracy said in a statement.
Consumer Watchdog added that even if companies express approval of the proposal, they need not follow it. The group also said that the short-form notices “at best provide marginal improvements in privacy protection that companies can say they support, but will be allowed to ignore.”
Researchers at Carnegie Mellon University recently published a report concluding that the proposed short-form notices were ambiguous, and appeared to confuse consumers in test situations.
Lorrie Cranor, who oversaw the research, said at the time that she hoped the Commerce Department conducted more tests with consumers, and refined the terms' definitions, before issuing a final recommendation.
The agency is expected to issue a final report at the end of the year.