What’s Next for the NTIA Mobile App Transparency Code?

August 01, 2013

Saira Nayak
Director of Policy | TRUSTe

 

On July 12, 2012, the Department of Commerce’s NTIA division kicked off a Multistakeholder proceeding focused on deciding a standard for mobile app transparency – the format and elements of a mobile app privacy notice (or as we’ll refer to it, the NTIA code). Sitting with the many other attendees in the vast cavernous hall of the Herbert Hoover Auditorium that day, and observing the wide range of interests represented in the room, I was admittedly skeptical about whether this group could reach consensus on anything that could provide meaningful guidance to app developers. Even for the most Pollyannaish of privacy heads, the possibility that representatives from government, industry and the advocacy community could actually sit down together (let alone decide on a mobile privacy standard together) seemed remote.

Fast forward a little over a year to July 25, 2013. At its 16th (and for now final) meeting, a majority of stakeholders voted to “freeze” a draft NTIA code and start testing it in the marketplace before finalizing later this year. Issues remain about some of the draft code’s provisions, around user comprehension of terms used in the code, and how these terms should be laid out in a mobile notice.

For the majority of stakeholders however, the draft NTIA code is a win.

It’s worth stepping back and thinking about what has been decided and agreed upon by the NTIA Multistakeholder group. For the first time, a broad coalition representing consumers and industry has agreed on some basic data elements that should be noticed by mobile apps (for the full story, the current version of the draft code is posted on the NTIA’s site). Mobile app developers who want to comply with the NTIA’s self-regulatory standard must notify users about whether they collect and share personal information – defined broadly to include data generated from a user’s activity on that device (browser and phone history), user uploaded files (contacts, photos) and sensitive data (health, financial, location). Providing this type of information to consumers is important; TRUSTe’s research shows that 72% of smartphone users are more concerned about privacy than they were a year ago. Read more “What’s Next for the NTIA Mobile App Transparency Code?”