The US National Telecommunications and Information Administration (NTIA), part of the Commerce Department, unveiled the first version of a national “privacy code of conduct” for mobile apps. The code of conduct was in works for over a year, and NTIA consulted a number of parties along the way, including AT&T and the Internet Commerce Coalition (which represents AOL and Ebay among others), privacy groups like the Electronic Frontier Foundation and the American Civil Liberties Union. The final draft should apparently satisfy all sides, while also helping protect consumer privacy.
The code of conduct is voluntary and not enforced under any laws, leaving it up to app developers and ecosystems to adopt it at their will. However, the NTIA is hopeful that they will do it in short order.
The main idea is to provide customers with what NTIA calls a “short notice” that includes relevant information prior to download or purchase. More precisely, this short notice should contain the following pieces of information:
- the types of data the app collects from users and transmits off the device,
- what third-party companies or organizations (if any) the app shares user data with and,
- the actual company responsible for each app.
Finally, it’s worth adding that the government considers data collection “only if transmitted off of the device,” so apps that store user data on the device would be exempt from the code.