Lawmakers on Thursday introduced a mobile
privacy bill that would require app developers to obtain users' permission before collecting or sharing their personal data.
The "Application Privacy, Protection, and Security Act of 2013,"
or APPS Act, provides that companies offering mobile apps must specify the types of information they collect from users, the reasons why the data is collected and the categories of outside companies
the data is shared with. The bill also provides that mobile apps have data retention policies that spell out how long information is stored.
Hank Johnson (D-Ga.) introduced the bill, and
Rep. Steve Chabot (R-Ohio) is among the co-sponsors. The proposal specifies that app developers must inform users if their data can be accessed by third parties -- regardless of whether the data is
first sent to the developers. The APPS Act also gives consumers who stop using an app the right to direct the developer to delete any personal data that's been collected.
The measure tasks
the Federal Trade Commission with crafting regulations to implement the law, and also with defining the term “personal data” -- with the qualification that the definition can't extend to
data that's been “de-identified.”
Johnson's proposal comes at a time when lawmakers and regulators are increasingly scrutinizing the data that's collected by mobile developers.
Sen. Al Franken (D-Minn.) recently vowed to reintroduce a bill that would require app developers to obtain users' explicit consent before collecting or disclosing their geolocation data.
Last
year, the Senate Judiciary Committee approved the measure, but it wasn't passed.
The state of California currently requires all Web site operators to post privacy policies. State Attorney
General Kamala Harris says this requirement applies to mobile app developers. Late last year, she sued Delta Air Lines for failing to include a privacy policy in its mobile app.