privacy policies

California Attorney General Kamala Harris has formally warned 100 app developers that their apps are not in compliance with the California Online Privacy Protection Act (OPPA).  Harris has given these developers 30 days to come into compliance by “conspicuously post[ing] a privacy policy within their app that informs users of what personally identifiable information about

At the Wired for Change conference earlier this week, FTC Chairman Jon Leibowitz noted that the FTC is developing a “nutrition label” for data collection and use, modeled after the nutrition facts label for food and beverages.  Leibowitz reportedly said that the agency’s chief technologist and the Bureau of Consumer Protection are working to identify “five essential terms” that should be included in these standardized privacy policies.  California Attorney General Kamala Harris, who spoke on the same panel as Leibowitz, supported the idea of food labels for mobile apps, according to reporters’ tweets

The concept of a nutrition label for privacy has been under discussion in the privacy community for some time.  In July 2001, FTC Commissioner Sheila Anthony suggested that nutrition labels and EnergyGuide labels could serve as models for standardized privacy policies.  Several academics have developed standardized table formats for privacy policies, and research from Carnegie Mellon’s CyLab has found that standardized privacy policy formats allow readers to find information more accurately and quickly. Continue Reading FTC Working on Privacy “Nutrition Label”; Industry Focusing on Icons

According to a recent study released by the Future of Privacy Forum (FPF), the number of mobile apps with privacy policies has grown rapidly since September 2011. The study examined the top 25 free and 25 paid apps in the Apple iOS, Google Play, and Kindle Fire app stores, for a total of 150 apps. 

Of the apps reviewed, the study found

Two reports have recently been released that look at consumer perceptions of online privacy issues and examine user tracking practices on popular websites.

TRUSTe Privacy Index

TRUSTe released its Privacy Index for the second quarter of 2012, which measures consumer confidence in their online privacy.  The numbers show that consumers are concerned about web privacy issues and make decisions based on perceptions of companies’ privacy practices.

Consumer concern and mistrust about online privacy are up from Q1.  In the latest Privacy Index, 91% of U.S. adults say they worry about their privacy online (versus 90% in Q1), and 53% say they do not completely trust businesses with their information (versus 41% in Q1). 

The percent of adults that say privacy issues impact their buying decisions has remained steady.  88% of adults say they avoid companies that they believe do not protect their privacy.Continue Reading Two Recent Privacy Reports on Consumer Confidence and Website Tracking Practices

The afternoon panels at yesterday’s FTC workshop focused on mobile issues, with the first focusing on mobile advertising disclosures and the second focusing on mobile privacy disclosures.

Some themes were common to both panels.  In particular, panelists in both sessions identified the unique challenges of designing disclosures that will effectively communicate with consumers who often may be distracted because they are multitasking and who are using smaller screens than their desktop-using counterparts.

To address these challenges, panelists said mobile services need to consider consumer expectations in the context of the particular application or transaction. They said that application developers and advertisers must find ways to prioritize the most important disclosures, format them in a way that is meaningful for mobile users, and present the disclosures at a time when consumers are most likely to pay attention to the information — often right before a transaction is completed or before an application transmits personal information.Continue Reading What Happened at the FTC Advertising and Privacy Disclosures Workshop? (Part 2 of 2)

This week, the U.K.-based GSM Association unveiled voluntary app privacy guidelines, which are being implemented by several major European mobile telephone service operators for their own branded applications.  According to the GSM Association, the companies adopting these guidelines includes Deutsche Telekom, France Telecom – Orange, Telecom Italia, Telefónica, and Vodafone.  This development  follows last week’s announcement of an agreement by Amazon, Apple, Google, Hewlett-Packard

An action brought by the Electronic Privacy Information Center (“EPIC”) asking that the FTC be compelled to enforce its Google Buzz consent order (previously described, here) was dismissed by Judge Amy Berman Jackson of the United States District Court for the District of Columbia, who held that “enforcement decisions are committed to agency discretion and are not subject to judicial review.”

EPIC contended that Google’s announced changes to its user privacy policies for all of its services, scheduled to take effect on March 1, 2012, would violate various portions of the consent order Google reached with the FTC regarding its former social networking service Google Buzz by “altering the use of personal information” obtained by users and “consolidat[ing] user data from across [Google’s] services and creat[ing] a single merged profile for each user.”Continue Reading No Federal Court Jurisdiction to Review FTC Enforcement of Google Buzz Consent Decree, Judge Rules

Yesterday California Attorney General Kamala D. Harris announced an agreement she forged among Amazon, Apple, Google, Hewlett-Packard, Microsoft, and Research in Motion to ensure that mobile device apps that collect personal information contain privacy policies.  The agreement is designed to ensure that mobile apps comply with the California Online Privacy Protection Act, which requires operators of