CEO | TRUSTe
Privacy breakdowns continue to pop up across a variety markets with the biggest headlines coming from two VC-backed mobile app start-ups, Path and Hipster. Both were called out by independent tech professionals for privacy violations stemming from the unauthorized access of user address books stored on their mobile phones, and both have quickly taken responsibility for the issue. Path has taken the additional step to seek help from privacy experts (in the spirit of full disclosure, Path has talked to TRUSTe regarding our privacy management solutions), while Hipster has elected an alternative approach, calling on their mobile start-up colleagues to jointly craft a privacy pledge for the mobile app ecosystem (see responses from Path and Hipster). While Hipster should be applauded for their efforts to raise visibility of an important problem, and while I appreciate the spirit of the suggestion, it is unlikely to address the core problem simply because the issue of privacy cannot be boiled down to taking a pledge to “do the right thing”. In order to define “the right thing”, one needs to fully understand the intricacies of data flows through the online ecosystem, all the nuances of privacy regulation, and how they might apply to each unique business model.
Privacy management is becoming increasingly complex due to the emergence of new compliance requirements, advancements in targeting capabilities, and supporting technology required to monitor and manage data privacy. 2011 saw a record number of FTC privacy cases, legislative proposals, and media coverage into online privacy. End-user concern was also at high levels – with 90 percent of consumers indicating they were concerned about their privacy online; and 88 percent of consumers indicating they would avoid doing business with companies they did not believe were protecting their privacy online.