This is a crucial issue, particularly as people become more sensitive to the implications of apps sucking up their personal data and sending it who-knows-where. And with Android(s goog) having introduced toggles that let users kill specific elements of an app’s functionality, the tide is turning — developers have to be more on-the-level with their customers these days.
AppPrivacy comes out of an MEF working group dedicated to, well, app privacy. The group includes a bunch of lawyers and representatives from companies such as Mozilla, Vodafone(s vod), mobile ad network InMobi, privacy management firm TRUSTe and security outfit Kaspersky Labs.
What’s cool about the tool is the way it gently harangues the developer as they’re filling out the forms. Playing devil’s advocate, I decided to make my “HappyFunTimes” app truly obnoxious, and I ticked the box that said I wanted to send marketing messages to my users’ contacts.
“Warning!” a pop-up box read. “If you are going to access the user’s contacts database and use it for marketing purpose, you must have their permission first. Also, you should gain consent from any contact you plan to send marketing messages to.”
I ticked the box saying I wouldn’t require consent from my users in order to send them marketing messages. “Warning! Many countries require marketers to gain consent from any contact you plan to send marketing messages to. If you do not – and are not able to prove it – you may find yourself in trouble with the relevant authorities.”
HappyFunTimes should collect user location data, I decided. The warning: “While there’s no doubt consumers enjoy the location-enabled functionality of modern smartphones, many are concerned at having their movements monitored. It’s important you let them know why you’re tracking their location and who you’re sharing that information with.”
An excellent start
Did I mention that I love this tool? Sure, it’s not perfect and yeah, an ad firm is part of the working group, but you know what? It’s an excellent start.
People do care about this stuff and, as platforms gradually give users more control over their data, developers need to care about it too. AppPrivacy is not hard to use (I managed it) and it bluntly spells out the factors that developers should be taking into account.
As MEF Global Chair Andrew Bud put it:
“Consumers’ trust in our industry will be built on transparency and ease of understanding in dealing with their private data. That’s a tough combination to deliver, and our research shows that many providers have struggled with it. Now, building on the expertise of our cross-stakeholder group, AppPrivacy delivers credible, practical solutions to ensure best practice in our industry.”
What we need now is the introduction of more informative and granular permissions at the time of an app’s installation. But that’s a platform thing – over to you, Google(s goog) and Apple(s aapl)…