• by Wendy Davis , Staff Writer @wendyndavis, May 26, 2011

When companies violate their privacy policies by, say, selling data about consumers despite promises to the contrary, the Federal Trade Commission can accuse them of engaging in deceptive practices by promising consumers one thing and then doing another.

But when those companies lack privacy policies, the FTC can't easily charge them with deception even if those companies collect questionable data, or sell information that users thought was confidential, to ad networks.

That's one of the reasons why some lawmakers and other observers are troubled by news that many mobile app developers lack privacy policies. A recent report by the think tank Future of Privacy Forum showed that 22 out of 30 popular mobile Web apps had no privacy policy.

As things stand, no federal law requires app developers (or other Web companies) to make any promises to consumers regarding privacy. But even without legislation, developers could face some pressure on this front.

This week, Sen. Al Franken (D-Minn.) explicitly urged Google and Apple to require that apps in their stores have privacy policies. In letters to the companies, Franken said that doing so "would be a simple first step that would provide users, privacy advocates, and federal consumer protection authorities a minimum of information about what information an app will access and how that app will share that information with third parties."

Franken added that the need for a privacy policy is particularly urgent when apps collect data about users' locations. "Apple and Google have each said time and again that they are committed to protecting users' privacy. This is an easy opportunity for your companies to put that commitment into action," he wrote.