Rep. Hank Johnson, D-Ga., last week introduced into the House of Representatives a new bill that could considerably change mobile application development.
The bipartisan Application Privacy, Protection and Security Act would require application developers to gain explicit consent from consumers before collecting their data. The bill also would require developers to secure that data and to tell consumers how long it would be stored.
There have been a number of privacy issues regarding mobile apps in recent years involving almost all the major players in this space, including Apple, Google and Facebook. The scenarios usually are some version of what the APPS Act is trying to address: collecting data from users without their knowledge or sharing users’ data with third parties without their permission.
Such incidents have spurred privacy advocates to demand action from Washington.
The government has been chronicling the growing problems related to this issue, which suggests that the issue may be reaching critical mass.
In February, for example, the Federal Trade Commission released a report along with recommendations on how to protect mobile users’ privacy. Among other things, it suggested that app developers provide opt-in consent and consider building a one-stop dashboard for consumers to review the types of content accessed by the apps they downloaded. The FTC suggested offering a Do Not Track mechanism for mobile users as well.
If the legislation is enacted into law, it clearly will impose a new cost on developers — but perhaps less than feared. It would stand to benefit developers as well.
Many of these standards are already in place in some states — California, for example, noted Justine Phillips, attorney with McKenna Long & Aldridge.
“For those app developers that already disclose the purpose for collecting, using, sharing and storing personal data, and require consumer consent before collecting the data, the proposed legislation would not significantly change the way the app works,” she told the E-Commerce Times.
“Many consumers already click ‘I Agree’ after downloading, and before using their mobile technology,” Phillips noted.
App developers that currently do not disclose will have to build an additional disclosure screen explaining the lengthy terms and conditions of using the app, she continued. The good news for those developers is that a safe harbor provision is included in the legislation for organizations that comply, which can be valuable in consumer class action litigation.
“Not to mention,” Phillips concluded, “federal legislation will reduce the cost each company faces when figuring out jurisdictional issues and state laws on the subject of consumer privacy.”
Miles to Go
For now, developers likely have little to fear — or anticipate. The bill will most likely not go anywhere before 2014, David Johnson, principal of Strategic Vision, told the E-Commerce Times.
Congress is polarized and consumed with such hot-button issues as Benghazi and the recent allegations the IRS has been targeting the Tea Party and other conservative groups, he observed.
“In this environment,” said Johnson, “something substantive like this legislation — which does have supporters in both parties — is simply not going to pass.”