CIO Briefing

Administration privacy approach to get first test

When the Obama administration in February rolled out its approach to protecting consumer privacy online, it put as much emphasis on industry self-regulation as it did on its call for legislation to provide consumers with privacy protections.

Administration officials argued that given the difficulty in moving legislation, pushing industry sectors to help develop codes of conduct would help bolster consumer privacy until lawmakers act on the issue -- something that appears highly unlikely this year.

That approach will get its first test on Thursday, when the Commerce Department convenes the initial meeting aimed at developing industry codes of conduct for the mobile-apps sector.

Although the first session is focused on just one sector, the administration is aiming to extend the process to others that collect information from consumers, whether it is when they register to use a website or download a mobile app to their smartphone. While the codes are voluntary, companies that agree to abide by them will open themselves to enforcement from the Federal Trade Commission if they fail to live up to their promises.

“We will learn a lot about where the center of gravity may be on how to move forward on mobile privacy codes of conduct and get a sense of what it takes to make progress,” White House Deputy Technology Officer Danny Weitzner said earlier this week in a speech at the Hudson Institute.

The administration appears to have set a low bar for the first sector. It is limiting the first set of meetings to developing guidelines for how mobile-apps providers can provide more transparency in what they do with information collected from users.

Despite the relatively narrow topic, the meeting has already sparked some controversy. Privacy groups complained that by hosting the meeting in Washington, some privacy advocates based outside the nation’s capital would be excluded. The event will be webcast, but the groups have pushed for some sort of two-way communication.

At the same time, some privacy advocates worry that the meeting is too narrowly focused and that industry codes should also cover the collection practices of mobile-apps providers.

“I think many in industry will come in and try to get their current business model … get an Obama administration stamp of approval, and it’s not going to be sufficient,” Center for Digital Democracy Executive Director Jeff Chester said. “Whatever deal is struck has to reflect what’s happening with the industry.”

Some industry officials say they do not currently favor expanding the agenda beyond transparency, which is just one of the several planks in the administration’s call for legislation to implement a "privacy bill of rights," which also includes such principles as adequately securing information and limitations on the amount of data collected about consumers.

“The administration is focused very, very narrowly on the most important topic … which is transparency,” Jon Potter, president of the Application Developers Alliance, a new industry group for apps developers, told National Journal. “That’s the entirety of what this exercise is about. If it succeeds, than we can talk about other issues.”

The apps industry has come under scrutiny over reports that some apps secretly collect address book, location, and other data from users’ smartphones.

A new study released Wednesday by the Future of Privacy Forum shows that the industry appears to be doing more to alert consumers to how their personal data is treated when they download or use an app.

The study examined whether the most popular free and paid apps available from Apple, Google, and Amazon provide privacy policies telling consumers what they do with user data. The study found that 61 percent of the 150 apps examined had privacy policies, with the greatest number among the free apps.

While privacy policies provide consumers with limited information and can often be difficult to read, the policies show that apps makers are at least examining what information they collect, Future of Privacy Forum Director and cofounder Jules Polonetsky said in an interview.

“We don’t think it will solve privacy for mobile consumers," he said, "but at least it forces [apps developers] to go through and figure out what they are doing.” 

Threatwatch Alert

Network intrusion / User accounts compromised / Software vulnerability

Hackers Leave Mexican Town Penniless

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
// 4:16 PM ET
X CLOSE Don't show again

Like us on Facebook