A
coalition of tech companies said on Friday that they will begin testing proposed new “short-form” privacy notices, which are aimed at notifying consumers about data collection by apps.
The short-form notice proposal intends for developers to describe the information collected by apps in a single word, or short phrase -- like “biometrics,” “health
information,” “location,” and “browser history” -- followed by brief definitions. For instance, the brief definition of biometrics is “information about your body,
including fingerprints, facial recognition, signatures and/or voice print,” according to a draft version of the proposal.
The current version of the recommendations also calls for
developers to short phrases to describe the parties that will receive the data -- like “ad networks,” “social networks,” and “consumer data resellers” -- followed
by brief descriptions of those types of companies.
The Association for Competitive Technology's ACT 4 Apps -- which includes Apple, Microsoft, Facebook, BlackBerry, PayPal, AT&T and
Verizon -- says it will conduct tests in order to “ensure the notices
effectively communicate with consumers.”
The short-form notice initiative is the product of a year-long series of meetings convened by the Commerce Department. The agency has been
working with tech companies and consumer advocates since last summer, in an attempt to craft mobile privacy recommendations. Late last month, participants in those so-called multi-stakeholder meetings
voted to start testing implementations of the proposal.
Some consumer advocates who participated expressed
skepticism about the proposal. “We are concerned about a number of issues raised by the proposed code, related to actual mobile app and mobile data business models/practices; the lack of
independent user testing; vagueness in definitions and potential loopholes,” the Center for Digital Democracy said in a statement.
Consumer Watchdog added that even if companies express
approval of the proposal, they need not follow it. The group also said that the short-form notices “at best provide marginal improvements in privacy protection that companies can say they
support, but will be allowed to ignore.”
Researchers at Carnegie Mellon University recently published a report concluding that the proposed short-form notices were ambiguous, and
appeared to confuse consumers in test situations.
Lorrie Cranor, who oversaw the research, said at the time that she hoped the Commerce Department conducted more tests with consumers, and
refined the terms' definitions, before issuing a final recommendation.
The agency is expected to issue a final report at the end of the year.