Mobile Apps Privacy Guidelines May Be Beefed Up Regarding 3rd-Party Use of Social Networks
The Mobile Marketing Association may clarify a recommendation to applications developers to get consent from users before partner businesses pull information about them from social-media sites, an industry attorney said Wednesday. The subject has come up in responses to proposed privacy guidelines that the association put out in October in response to activity in Congress and at the FTC, Ieuan Jolly of the Loeb & Loeb law firm said on a Law Seminars International teleconference. Many of the firm’s “interactive media clients” belong to the association, he told us.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
A spokesman for the association said the final guidelines will come out next week, but he wouldn’t comment on what they'll say. The guidelines provide annotated “guidance on core privacy principles and consumer-friendly language for developers to consider using,” ways “to inform users on how data is obtained and used,” and guidance “on security and confidentiality of information,” the association said (CD Oct 18 p11).
Getting prior consent to collecting data on social networks “can be a challenge, but it certainly can be addressed if it’s an expectation that people have,” Andrew Dahm, Clear Channel Communications’ business and regulatory counsel, said on the teleconference. He said privacy “expectations are changing so quickly” in digital communications. “In the social-networking context, I don’t think there are firm expectations,” Dahm said.
The guidelines are meant to promote self-regulation in place of government rules that couldn’t respond as flexibly to fast-changing technology and behavior, lawyers on the teleconference said. The European Data Protection Directive is being completely “revamped to deal with these new practices and new technologies,” because it’s more than a decade old, Jolly said. He said the draft association guidelines largely track the principles laid out in congressional bills filed last year, an FTC report and a Commerce Department green paper. “The self-regulatory framework can give people on the vanguard” of technology and new business models some comfort that their information practices are “not completely and wildly inappropriate,” Dahm said. And following industry recommendations can “forestall those questions and frustrations that users might have,” leading to expensive support inquiries and damage to brands, he said.
"The FTC has been going after companies that have been offering an opt-out” from data collection or use “but only honoring them for a limited period of time,” said Ed Fallon, Research In Motion’s in-house attorney on U.S. marketing. He cautioned that “the general standard now is about five years.” Fallon said the flood of mobile software offerings makes it “really challenging to completely vet every single app” for the BlackBerry platform for privacy considerations. And the “technical sophistication” of even young children now means it’s “always going to be a challenge” keeping them from getting around requirements in the Children’s Online Privacy Protection Act, reflected in the guidelines, for parental consent to information-gathering from kids under 13, he said.