Massive Data Breach At IEEE Affects 100,000 Members
National Protect Your Identity Week 2012

California AG Asks United Airlines To Provide A Privacy Policy With Its Mobile Device App

Recently, Kamala Harris, the Attorney General for the State of California, posted the following on her Twitter feed:

"@KamalaHarris Fabulous app, @United Airlines, but where is your app’s #privacy policy? http://1.usa.gov/SWGCTm"

A quick scan of United Airline's twitter feed did not find a reply by the airline to the AG's request. Harris' request refers to a 2004 law in California requiring website operators that collect consumers' personal information to post a privacy policy on its website. While that law predates mobile device apps, Harris' request highlights an important privacy and data security situation. Prior studies have documented privacy abuses by mobile device apps, and either lacking or sporadic access to apps' privacy policies both before and after a user installs an app.

Of course, a privacy policy won't prevent a data breach nor prevent abuse of consumers' sensitive personal information, but it is an important disclosure tool, like food labels, to help consumers:

  • Understand what data is collected, archived, and shared with other companies by a product or service,
  • Utilize any opt-out or opt-in service settings,
  • Begin to evaluate whether or not a company complies with its own privacy policy, and
  • Compare data security offerings between competitive products or services

One could argue that given the privacy abuses, privacy policies are even more important for mobile device users. With a traditional desktop or laptop device, there is usually to parties involved: the consumer and the website he/she is visiting. With mobile devices, there are more parties involved: the mobile device manufacturer, the mobile device operating system developer, the app developer, the telecommunications provider, and the app store. It's critical for consumers to know which party's privacy policy applies; and an opportunity to streamline,, consolidate, and reduce the number of privacy policies.

Now that Harris has highlighted the issue, it is an opportunity for the california legislature to amend its state's laws to include apps; and for legislatures in other states to do the same.

What's your opinion of Harris' request? What's your view of privacy policies for mobile device apps?

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Larry

It's crucial for customers to know which person's online comfort policy applies; and an opportunity to improve.

The comments to this entry are closed.