Data privacy is usually mentioned in the same breath with almost any IT topic, and the ubiquity of mobile apps, indeed their inherent mobility, puts them at the heart of today’s privacy and security conversations. These conversations, we’re finding, are raising a crop of new questions with respect to how data privacy issues need to be reconciled in the mobile app world.
To folks yelling about Fort Knox level data security, consider this caveat: Be careful what you ask for. If you get all wrapped around data privacy, if you make it so hard for people to monetize their app in a free mode with too many constraints, it eliminates the value of offering services for free. If you eliminate free apps, or those 99-cent apps, you’re unable to participate in a flourishing micro economy.
Ask us, and we’ll urge you to strike a balance between privacy and participation.
We’re not saying you turn off all possible monitoring, but you need to keep money in the transaction. That’s why we’re all in business, after all.
So, how do you find that balance? That’s the bedrock question we’re constantly discussing of late, and the answer is starting to emerge with respect to simply giving yourself a little permission to trust the process. Let’s get enterprise and consumer developers to start doing the right thing.
Step one is to simply make sure you have the right kind of privacy policy in place. Does it cover your mobile app concerns, which are often dramatically different than any desktop-centric mindset? Does it really cover you? Does it state what you truly do? And once that policy is in place, make sure you adhere to it! We’re amazed to find folks who have policies in place — often very specific, well articulated policies — who then seem to disregard them outright. If, for example, you say you won’t repurpose data, then don’t repurpose data. Simple enough?
Mobile data privacy policy really boils down to just doing the right thing. Get a policy in place, inform your users, and stick to it. This is where we need to begin.
This point of departure may seem painfully simplistic, but many people don’t even know they need a privacy policy. It’s a real-world case of “I don’t know what I don’t know.”
But consider this: If you have a policy for your website, you obviously understand its significance. Making the policy jump to your mobile apps should make sense, and taking the time to tailor it to mobility is worth the effort because it will guide your behavior and set user expectations. No surprises. No misunderstandings.
And making this mindset universal is becoming critical. There are instances of companies uploading address books, and that bad apple outfit misappropriates the information. When that happens, every mobile app becomes suspect. That’s not a mobile app issue; that’s a business ethics issue, and the rest of the mobile app community has to swing in to damage control mode. Taking advantage of users means the rest of us can’t earn an honest buck. Not cool, to say the least.
If, as an industry, we start working up an agreed upon approach to data privacy, we police ourselves and reinforce good user relations. If we let our data privacy priorities languish, one outlaw outfit contaminates everyone’s image. Worse, it draws attention from lawmakers, and we know what happens when legislators get involved with things they don’t understand. They pass laws that don’t help. That’s happening, and it’s up to us to turn the tide.
We’re calling on the appdev community to get on the same data security wavelength. We don’t mean we all have to follow the same data security policy, but we do need to agree that setting a policy on an individual basis is imperative.
We’re going to be talking about this plenty in the weeks ahead, and invite our peers to share insights, thoughts and ideas. It’s time to have this conversation, and to translate it in to action.
Good continuation of this topic taking place over at Mashableas well.
Data privacy recommendations in terms of where to start make a lot of sense:
“You need to make sure that users easily have the ability to learn what information you are collecting from them and how you are using it before they download your app. (The changes the app stores are making as a result of their agreement with the California AG will make this easier.) Make sure that your privacy notices are easy to read and tailored to the mobile setting. If you’re looking for a place to start, consider the Mobile Marketing Association’s Privacy Policy Guidelines for Mobile Apps.“