FTC Staff Report Recommends Ways to Improve Mobile Privacy Disclosures (4 posts)

  • http://www.ftc.gov/opa/2013/02/mobileprivacy.shtm
    Sorry if this is a bit long, but I really only copied the highlights…. Whatcha think? My biggest eyebrow twitch was “Develop short form disclosures for app developers.” Crossing fingers they’ll go “short” and standardized for websites, too?

    The report recommends that mobile platforms should:

    • Provide just-in-time disclosures to consumers and obtain their affirmative express consent before allowing apps to access sensitive content like geolocation;
    • Consider providing just-in-time disclosures and obtaining affirmative express consent for other content that consumers would find sensitive in many contexts, such as contacts, photos, calendar entries, or the recording of audio or video content;
    • Consider developing a one-stop “dashboard” approach to allow consumers to review the types of content accessed by the apps they have downloaded;
    • Consider developing icons to depict the transmission of user data;
    • Promote app developer best practices.  For example, platforms can require developers to make privacy disclosures, reasonably enforce these requirements, and educate app developers;
    • Consider providing consumers with clear disclosures about the extent to which platforms review apps prior to making them available for download in the app stores and conduct compliance checks after the apps have been placed in the app stores; and
    • Consider offering a Do Not Track (DNT) mechanism for smartphone users.  A mobile DNT mechanism, which a majority of the Commission has endorsed, would allow consumers to choose to prevent tracking by ad networks or other third parties as they navigate among apps on their phones.

    App developers should:

    • Have a privacy policy and make sure it is easily accessible through the app stores;
    • Provide just-in-time disclosures and obtain affirmative express consent before collecting and sharing sensitive information (to the extent the platforms have not already provided such disclosures and obtained such consent);
    • Improve coordination and communication with ad networks and other third parties that provide services for apps, such as analytics companies, so the app developers can better understand the software they are using and, in turn, provide accurate disclosures to consumers.  For example, app developers often integrate third-party code to facilitate advertising or analytics within an app with little understanding of what information the third party is collecting and how it is being used.
    • Consider participating in self-regulatory programs, trade associations, and industry organizations, which can provide guidance on how to make uniform, short-form privacy disclosures.

    Advertising networks and other third parties should:

    • Communicate with app developers so that the developers can provide truthful disclosures to consumers; 
    • Work with platforms to ensure effective implementation of DNT for mobile.

    App developer trade associations, along with academics, usability experts and privacy researchers can:

    • Develop short form disclosures for app developers; 
    • Promote standardized app developer privacy policies that will enable consumers to compare data practices across apps;
    • Educate app developers on privacy issues.

     “FTC staff strongly encourages companies in the mobile ecosystem to work expeditiously to implement the recommendations in this report.  Doing so likely will result in enhancing the consumer trust that is so vital to companies operating in the mobile environment.  Moving forward, as the mobile landscape evolves, the FTC will continue to closely monitor developments in this space and consider additional ways it can help businesses effectively provide privacy information to consumers,” the report states.

  • @atlantarobin

    Mobile apps and privacy is a big thing right now. I just saw that Path agreed to pay $800K (of course, admitting no wrongdoing) b/c they were pulling names, email and addresses out of members' address books and they knew fully well that many of their members were under 13.

    I think we need to keep demanding that companies respect our privacy, AND we need to pay attention to TOS’s. 

  • @rich-brooks

    Wow… about Path. Do you recall where you read that? And I agree… the privacy issues have gotten way out of control.

    I know I just started “unlinking” all my logins and passwords… and try never to check any box that says “remember this password.” When I had rotely done this before, I wasn’t thinking about privacy issues, about how everything eventually was “hooked up” and leading back to my financial accounts… nor was I thinking of the domino effect should one bad hacker get ONE piece of info and start tracing back and linking things up.

    I used to do skip tracing assignments and one day I started thinking about how I could find most anyone… no matter where they were hiding… and it occurred to me that that very talent in the wrong hands could totally undo someone’s online financial life.

    That’s when I started trying to “undo” my own linked footprint. Still trying to do that, but now that I realize that there is NO real safe password anymore, I’m wondering what the answer is. I already have a zero based financial account in which I transfer exact sums in order to pay bills, in case someone tries to steal from that account. And in just the last six months (and once yesterday), yet another thief tried to transfer funds out of it.

    It’s a quandary from a consumer perspective. But from an internet business owner perspective, I’m also always stressed at the hoops I have to jump through as an online business owner, so I welcome “short form” and standards for anything that I can do in production-line fashion. I’m only one person… and can only do so much AND make a profit.

    And though I can clearly see the issues from both sides, I’m selfish in just wanting it all to go away and be easy…. again… or maybe for the first time.

  • @atlantarobin

    Quite a few places, but here’s one: http://techcrunch.com/2013/02/01/path-settles-with-ftc-over-privacy-row-will-pay-800k-and-establish-new-privacy-program-including-outside-audits/

