recommended reading

Stakeholders continue slog on mobile app privacy


After their third meeting Wednesday, industry, privacy advocates and other stakeholders made little headway in actually developing an industry code of conduct for mobile applications but may be making some progress in finding ways to work together.

The latest meeting hosted by the Commerce Department's National Telecommunications and Information Administration once again focused on where to begin actual discussions on developing an industry code of conduct for mobile apps transparency. The code is part of a larger effort proposed by the Obama administration aimed at improving online privacy for consumers by encouraging companies, privacy advocates and other stakeholders to develop industry codes of conduct.

The first proposed code is focused narrowly on providing more transparency in what information developers and sellers of mobile apps are collecting from users and how they are using that data.

Wednesday's half-day session hosted at the Commerce Department centered on trying to narrow down the list of topics that stakeholders should begin focusing on. While some industry representatives argued that the process needs to begin by nailing down a definition of a mobile app, privacy advocates said there needs to be a better understanding of what practices industry is engaged in right now including what information is being collected from app users and how is it used.

"Let's identify the data usage, then we can determine how to proceed," Center for Digital Democracy Executive Director Jeff Chester said at the meeting.

Industry officials appear to be responding to this point, and some have agreed to provide privacy and consumer advocates with briefings on the current practices of mobile apps providers and developers. The Direct Marketing Association along with the Digital Advertising Alliance and the Interactive Advertising Bureau, all of which represent companies engaged in mobile and online marketing and advertising, have agreed to provide a briefing, according to Stuart Ingis, a partner with the Venable law firm who does work for all three groups.

"The stakeholder process is a bit clunky to begin with, but that is expected at the beginning. Business interests and consumer groups are engaging in good faith, which is helpful," Ingis said in an email. "It is [to be determined] what the process will produce. It is already creating more dialogue among the stakeholders, which is a tangible result."

Chester said he also has been in discussions with Apple, Google and Microsoft about providing similar briefings.

At the meeting, there was also discussion about trying to move the talks along by breaking off into smaller groups. The Application Developers Alliance has begun such discussions with the American Civil Liberties Union, Consumer Action and the World Privacy Forum on trying to "identify areas of agreement and develop mobile app consumer data usage transparency proposals for consideration by all stakeholders participating in the Department of Commerce/NTIA process," alliance President Jon Potter said in a statement.

"It's important to have smaller conversations to figure out with people who have different viewpoints where common ground is," ACLU Legislative Counsel Chris Calabrese said in an interview after Wednesday's meeting.

NTIA has scheduled five more meetings this year on developing a mobile app transparency code of conduct. The next session is set for Sept. 19.

(Image via zzoplanet/

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.