New Rules for App Data Collection Transparency – A Relief to Users

The federal government has recently proposed a new set of rules in connection with increasing transparency in apps data collection. As data collection and storing through smart phones and devices is consistently increasing, the new proposal aims towards redefining the amount and type of data, mobile apps would be able to collect from users and remote devices. This law was developed in the course of one year by a committee of experts designated by the US Department of Commerce in collaboration with the National Telecommunications and Information Administration. It was expected to lay "a voluntary code of conduct for mobile apps short notices". The team was instructed to compile a new rulebook on the short notice sent to users prior to download, about what data an app is downloading and what is does with the data.

These guidelines call for app developers and publishers to submit the details on whether they are collecting data in a form of biometrics, browser history, phone log or text log, contact retails, and other sensitive information like financial information, location information, user files and other biometric information. The last option is considered very significant as various companies are working on launching their wearable mobile devices. The best example is Apple, whose iWatch is in development stages. These wearable devices will store user's biometric data for interaction with the apps. There are rumours that Apple is developing a fingerprint sensor clandestinely for the iPhone's next edition, as it has taken over AuthenTec, a leading mobile and network security company last year. Although, Apple has a very clear privacy policy statement but this new code of conduct will force Apple to alter and make it more condensed. With this code of conduct coming into effect, no app would be able to record your fingerprint without permission. The federal government started its investigation on Android and iOS over the data usage policy used by and warned Google and Apple both to get more precise and clear with their data usage policies.

The upcoming rules will require publishers and developers to mention in the short notice, whether the data collected by them is shared in a user-specific fashion with the ad networks, carriers, consumer data resellers, data analytic providers, government agencies, operating platforms, other apps or with different social networks. However, they will not require noticing the user, if the contract between the app and the third party explicitly defines the limits of data usage and sharing. These guidelines also provide few exceptions to the above-mentioned rules, guidance on short notice design and rules on linking to longer and fuller explanation of the policies.  

In a statement released alongside new guidelines, Mr. Lawrence E. Striker, Assistant Secretary of Commerce for Communication and Information, said that the National Telecommunications and Information Administration is excited about a group of stakeholders that has reached a decisive milestone in their efforts to enhance the quality of security given to mobile data. The American Civil Liberty Union also supported this step of the government by calling it a modest but significant step towards data security. For many years now, data collection, usage, retention and transmission have been the biggest worry for mobile users and the service providers. The consumer rights activists, regulators and lawmakers all were seeking a concrete solution to this problem and the proposed law appears to be that permanent solution until now.

As I mentioned above that the proposal looks like a solid resolution to the problems persisting at present, but with technological advancement, new security problems will raise their heads. In this case, the lawmakers will have to fasten their seat belts and stay geared to tackle them without any delay.