Commentary: Software industry, not Congress, should develop privacy guidelines for mobile apps

Mobile software applications have become an innovative and wildly popular tool for entertainment, business and education because they can be used on the go. Moreover, these apps can use location information to create targeted services with innovative benefits and features that most users highly value. The dramatic growth in the use of these new software tools is a tribute to the value they provide to users and to the innovative skills and responsibility of the app developers who have built this market.

Most mobile app developers are behaving responsibly in their collection and use of personal information. Still, it is clear that continued growth and innovation in the mobile marketplace is dependent on maintaining consumer confidence in privacy protection.

For this reason, the Software & Information Industry Association is committed to helping the mobile app community come together to create best practices for privacy. While legislators already have started to investigate the issue, we believe industry -- not Congress -- is best positioned to develop effective practices that ensure consumer confidence.

Mobile Privacy: No Need to Legislate

Mobile privacy became a major issue in Congress this spring when the Senate held back-to-back hearings on consumer privacy in mobile platforms -- one in the Commerce Committee and another in the Judiciary Committee. In June, Sens. Al Franken, D-Minn., and Richard Blumenthal, D-Conn., introduced the 2011 Location Privacy Protection Act to mandate consumer control over the collection and use of location information from mobile devices.

Legislation that develops privacy rules specifically for mobile devices is premature, especially when the industry already is moving forward. The Future of Privacy Forum, a Washington think tank, has developed an application privacy working group, of which SIIA is a member. Through this group, we are bringing to bear the expertise of our member companies to develop voluntary guidelines that will spread best practices to all participants in the industry. In addition, the FPF project website, supported by SIIA and others, makes available a variety of tools to help app developers manage issues of data collection and use.

These efforts make it clear that the mobile app industry does not need government regulation to move us in the direction of providing a trusted environment for our users. We can do it ourselves, and the first step is straightforward guidelines from the industry for responsible collection and use of mobile data.

Disclosure: A Critical Next Step

Responsible behavior by mobile app developers is already a feature of the marketplace. Numerous companies, including many members of SIIA, provide mobile software for business, consumer and educational uses. These mobile uses are a natural extension of the core services these companies provide to their clients. In this business-to-business or business-to-school context, transparency disclosures and information about the sharing and use of mobile information are handled as part of contractual negotiations and ongoing business relationships.

In order to foster an environment of confidence and trust, however, it is critical that all mobile app developers describe and disclose their information handling practices when they collect and use personal information.

The best methods for disclosing information handling practices are the subject of intense discussion within the app development community and at the Future of Privacy Forum. And as The Washington Post recently reported, a number of industry efforts are under way for companies to display their privacy policies in a way that overcomes the problems associated with a small screen and complicated legal disclaimers.

Guidelines Before Government Intervention

Most mobile app developers are careful and accountable in their use of personal information. But it is critical that the mobile app industry develop guidelines that clearly express these best practices and ensure that they are widely diffused throughout the industry. The creation of these industrywide guidelines -- not legislation -- is the logical next step.

Legislation, however well-intended, could cut short the growth of this nascent and largely American-based industry, and could stifle the innovation and creativity that has truly changed the way consumers work, play and interact.

SIIA joined the Future of Privacy Forum's application privacy working group out of the conviction that the industry does not need government to force us to provide a trusted environment for our users. We can and should do it ourselves.

Mark MacCarthy is vice president for government affairs at the Software & Information Industry Association, a trade group for the software and digital content industry.