On the heels of a Wall Street Journalreport finding widespread privacy breaches on iPhone and Android apps, the Mobile Marketing Association said Monday it plans to develop a new set of privacy guidelines. The new rules would complement the MMA's existing Global Code of Conduct and cover eight types of mobile media: SMS, MMS, email, voice, applications, mobile Internet, content and location-based services.
Much of the increased regulatory scrutiny around privacy, though, hasn't directly addressed the more nascent mobile ad landscape. But the Journal story published Saturday -- which focused on surreptitious third-party tracking of mobile users' location and other personal data via applications -- is likely to give the issue greater visibility.
The latest article in the newspaper's ongoing series on digital privacy details how iPhone and Android apps regularly and widely share data including a phone's unique ID number, current location and phone number without a user's knowledge or consent. The popular music app Pandora, for instance, sent information including age, gender and location to eight different ad networks or other trackers.
A separate study in October also highlighted how many popular iPhone apps use device serial numbers to track users.
And despite privacy protections required by Apple and Android-maker Google, app developers and ad companies manage to get around them. What's more, there's little smartphone owners can do to limit tracking because they can't typically opt out of phone monitoring, as they can to some degree on computers, or block or delete application cookies as on the wired Web.
The MMA's Michael Becker told the Journal, "In the world of mobile, there is no anonymity." A cell phone is "always with us. It's always on." For that very reason, mobile has long held the promise of a targeting bonanza for marketers, providing a window into exactly where you are or what you're doing at any given time on top of other demographic and lifestyle data.
Given Becker's acknowledgment of the challenge, it's hard to see the MMA getting a handle on the privacy issues involved in mobile any time soon. Leading that effort will be Alan Chapell, president of Chapell & Associates and co-chair of the MMA Privacy Committee. Earlier this year, Chapell discussed in MediaPost's Behavioral Insider the difficulty of imposing privacy rules on the emerging app economy comprising carriers, operating system makers, developers, advertisers and ad networks.
He suggested companies like Apple and Google would have to play a big role as the gatekeepers of the new app era, and that controls addressing data retention specifically would help to mitigate the "creepiness factor" associated with location tracking. But if a user's phone is "always on" and always with us, as Becker points out, then the data collection essentially never stops and is always up to date.
And even after the MMA adopts new privacy guidelines, how successful will it be in enforcing them? It's one thing if the group is working mainly with the major carriers on an agreement, but reining in the wider app and mobile Web ecosystem is a much more daunting task. One area highlighted by the Journal story that clearly needs improvement is the privacy policies for apps. Forty-five of the 101 apps tested didn't provide such policies on their Web sites or inside the apps.
How much sway the MMA would have with technology giants such as Google or Apple to get developers to adopt even this basic level of consumer protection isn't clear. But with both companies relatively new to mobile advertising, there isn't a lot of history of the trade group working with them. Apple doesn't even turn up in the MMA's online membership directory. I hope someone has Steve Jobs' phone number.