November 22, 2024
EFF Presents Mobile User Privacy Bill of Rights

EFF Presents Mobile User Privacy Bill of Rights

Posted March 5, 2012 at 8:10am by iClarified
The Electronic Frontier Foundation has presented a Mobile User Privacy Bill of Rights to set a baseline for what mobile industry players must do to respect user privacy. The recommendations come after privacy concerns that stemmed from the discovery that apps are able to access and store a users entire Address Book without permission.



A mobile user bill of rights


Developers need to create applications that respect these rights.

1. Individual control: Users have a right to exercise control over what personal data applications collect about them and how they use it. Although some access control exists at the operating system level in smart phones, developers should seek to empower users even when it's not technically or legally required by the platform.The right to individual control also includes the ability to remove consent and withdraw that data from application servers. The White House white paper puts it well: "Companies should provide means of with drawing consent that are on equal footing with ways they obtain consent. For example, if consumers grant consent through a single action on their computers, they should be able to withdraw consent in a similar fashion."
2. Focused data collection: In addition to standard best practices for online service providers, app developers need to be especially careful about concerns unique to mobile devices. Address book information and photo collections have already been the subject of major privacy stories and user backlash.Other especially sensitive areas include location data, and the contents and metadata from phone calls and text messages. Developers of mobile applications should only collect the minimum amount required to provide the service, with an eye towards ways to archive the functionality while anonymizing personal information.
3. Transparency: Users need to know what data an app is accessing, how long the data is kept, and with whom it will be shared. Users should be able to access human-readable privacy and security policies, both before and after installation. Transparency is particularly critical in instances where the user doesn't directly interact with the application (as with, for example, Carrier IQ).
4. Respect for context: Applications that collect data should only use or share that data in a manner consistent with the context in which the information was provided. If contact data is collected for a "find friends" feature, for example, it should not be released to third parties or used to e-mail those contacts directly. When the developer wants to make a secondary use of the data, it must obtain explicit opt-in permission from the user.
5. Security: Developers are responsible for the security of the personal data they collect and store. That means, for example, that it should be encrypted wherever possible, and data moving between a phone and a server should always be encrypted at the transport layer.
6. Accountability: Ultimately, all actors in the mobile industry are responsible for the behavior of the hardware and software they create and deploy. Users have a right to demand accountability from them.

Hit the link below for more details and best technical practices associated with these guidelines.

Read More [via Miriam]



EFF Presents Mobile User Privacy Bill of Rights
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments
You must login or register to add a comment...
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sequoia
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS