Mobile apps are more likely to offer privacy policies now than just four years ago, according to a new study by the think tank Future of Privacy Forum.
Seventy-six percent of the most popular apps for Apple and Android devices now have privacy policies, up from 68% four years ago, according to the think tank. Nearly nine in 10 free apps (86%) have privacy policies, compared to just 66% of paid apps. Prior studies by the Future of Privacy Forum also found that free apps were more likely to have privacy policies than paid apps.
Ironically, popular health and fitness apps -- which potentially gather particularly sensitive information -- are less likely to offer privacy policies than other types of apps, the think tank reports. Consider sleep aid apps, such as apps that enable users to keep "sleep diaries," or that offer white noise. Just 66% of those apps offered privacy policies.
"Given that some health and fitness apps can access sensitive, physiological data collected by sensors on a mobile phone, wearable, or other device, their below average performance is both unexpected and troubling," the report states.
The authors add that people's sleep habits can reveal information like their work schedules, or whether they are traveling. The Future of Privacy Forum adds that some apps might ask users for "unusual permissions," including access to their contacts or photos.
Since 2012, Google, Apple and other major operators of app marketplaces have said they require developers to post privacy policies if their apps collect personal data from users.
The state of California has a privacy law, the Online Privacy Protection Act, that requires all Web site operators to post privacy policies. State Attorney General Kamala Harris argues that this requirement applies to mobile app developers.
Still, despite their limits, privacy policies can give regulators some ammunition against companies that engage in questionable practices. That's because companies that violate their own privacy promises arguably engage in deceptive business practices. Consider, in recent years the Federal Trade Commission has brought cases against numerous online companies -- including Google, Facebook, Twitter and Snapchat -- for failing to follow their own privacy policies
The FTC is slated to take up questions about privacy policies at a workshop next month.