• by Wendy Davis  @wendyndavis, May 9, 2013

Lawmakers on Thursday introduced a mobile privacy bill that would require app developers to obtain users' permission before collecting or sharing their personal data.

The "Application Privacy, Protection, and Security Act of 2013," or APPS Act, provides that companies offering mobile apps must specify the types of information they collect from users, the reasons why the data is collected and the categories of outside companies the data is shared with. The bill also provides that mobile apps have data retention policies that spell out how long information is stored.

Hank Johnson (D-Ga.) introduced the bill, and Rep. Steve Chabot (R-Ohio) is among the co-sponsors. The proposal specifies that app developers must inform users if their data can be accessed by third parties -- regardless of whether the data is first sent to the developers. The APPS Act also gives consumers who stop using an app the right to direct the developer to delete any personal data that's been collected.

The measure tasks the Federal Trade Commission with crafting regulations to implement the law, and also with defining the term “personal data” -- with the qualification that the definition can't extend to data that's been “de-identified.”

Johnson's proposal comes at a time when lawmakers and regulators are increasingly scrutinizing the data that's collected by mobile developers. Sen. Al Franken (D-Minn.) recently vowed to reintroduce a bill that would require app developers to obtain users' explicit consent before collecting or disclosing their geolocation data.

Last year, the Senate Judiciary Committee approved the measure, but it wasn't passed.

The state of California currently requires all Web site operators to post privacy policies. State Attorney General Kamala Harris says this requirement applies to mobile app developers. Late last year, she sued Delta Air Lines for failing to include a privacy policy in its mobile app.