A little over a week ago, the Obama Administration announced a Consumer Privacy Bill of Rights, which is predominantly concerned with online data use and privacy issues.
There is a lot of talk about this much-needed step forward and its ramifications going on right now. And, well, there should be.
One example of the need for this sort of measure comes from the exploding use of smartphones. Anyone paying attention to the industry knows that mobile is responsible for a larger percentage of overall Internet use. The phrase, “there’s an app for that,” has entered the common lexicon.
Unfortunately, those apps are not very good at respecting the data privacy of users. EU Observer.com reports the following disturbing data:
A recent survey by online campaigning group the Future of Privacy Forum estimated that 60 percent of all mobile apps do not have a privacy policy that notifies consumers what parts of their personal data are accessed by apps. Meanwhile, a study by TrustE and Harris Interactive found that 95 percent of all apps lack a privacy policy.
ComScore reported last October that smartphones and tablets are now responsible for 7% of overall Internet use in the United States, and that number continues to grow as the devices become more widespread. The largest percentage of that number is attributed to iOS devices like the iPhone and iPad. As it grows, the significance of the 95% of apps that lack any privacy policy at all becomes alarming, to say the least.
It is not just app users that are in danger of having their data misappropriated. CNN Money‘s David Goldman notes a number of recent privacy failures that go far beyond the realm of the handset:
Path, Twitter and scores of other mobile phone apps were recently found to be uploading entire address books to their servers without permission. In December, handset makers were caught installing secret software that could potentially record keystrokes. Last week, Google was caught red-handed violating Safari’s privacy settings.
Facebook, Google, and Twitter have all settled with the FTC over past privacy violations, and are under orders to tread carefully to avoid future ones.
The plain and simple fact is that there have been no standards in place up until now, and certainly no real legal repercussions, on how companies can collect data on their users. Since the speed of legislation is considerably slower than the rate of technology advancement, this is not at all surprising. Distressing, yes. Surprising, no.
So, what does this outline presented by the White House actually say? According to the Obama Administration, it’s supposed to “give consumers clear guidance on what they should expect from those who handle their personal information, and set expectations for companies that use personal data.”
Kelley Schwarze, a blogger for Geek Sugar, has a terrific breakdown in which she takes each section and provides real-world examples. For instance, here is her translation of the “Access and Accuracy” portion of the document:
Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data is inaccurate.
Consumers have the right to access and correct their recorded personal data from companies, especially when this information may have negative consequences for the person.
How This [Affects] You: Until now, we haven’t been privy to exactly what data companies have recorded about us — here’s our chance. This may even have broader implications for significant data: for instance, will this mean that all those hidden details that determine our credit score will finally be revealed?
I highly advise her walkthrough of the particulars — it is a fantastic starting point.
While all this is well and good, it is vital to remember that there is no legislation involved in this as yet. It is merely a voluntary code of conduct with no real enforcement ability. Even if it did have more teeth, the language involved is imprecise enough to lend itself to rather, ahem, creative interpretation.
Goldman notes this in his CNN Money post:
The bill is a splashy gesture, but it’s also pretty toothless.
The document is stuffed with vague rules such as: ‘Companies should offer consumers clear and simple choices, presented at times and in ways that enable consumers to make meaningful decisions.’
The White House has stated that it would like Congress to create stricter mandates about what companies can do with their customers’ data, but with election season about to get into full swing, I’d be willing to doubt that is going to happen anytime soon.
Image by o5com, used under its Creative Commons license.