Mobile Application Privacy: NTIA Publishes Latest Multistakeholder Transparency Draft for Comment

The National Telecommunications and Information Administration ("NTIA"), part of the U.S. Department of Commerce, has been convening multistakeholder meetings to work on improvements to data collection/use transparency--an effort called for in the Obama Administration's Consumer Privacy Bill of Rights. On February 4th, 2013, the NTIA released the latest discussion draft of its Code of Conduct for Mobile Application Transparency. The goals of this initiative, as stated in the latest draft, are to "balance the objectives of transparency, brevity and functionality," or more specifically:

• Transparency: Consumers expect clear, succinct explanations of an app’s data collection and third party data sharing policies.
• Brevity: Short form notices must enhance app transparency and understanding in context.
• Functionality: App developers need transparency standards that they can easily implement in the context of an app without diminishing the user experience.
• Consumers hold a spectrum of attitudes towards sharing their data with apps. Consumers’ willingness to share data will vary with context and time, and apps should facilitate those choices.
• Regulators, legislators, and privacy and consumer advocates all seek a fair balance among all of the interests involved, recognizing some consumers’ choice to share data with apps in exchange for a wide variety of tools, content, entertainment.
• Apps will evolve over time to offer fixes, enhancements, and changes to the original functionality. Apps may need to offer new functionality and/or they may need to adapt their business models. When apps’ data policies evolve in material ways, the apps must promptly and prominently update their disclosures to consumers.
• Continued work will need to be done to help integrate the full range of fair information practices with effective methods of transparency for innovative data uses. App developers understand that the implementation of these principles is just one aspect of satisfying consumer expectations and they commit to leading their industry to develop common practices and tools that adhere to fair information practices (these principles include access to personal information, control over storing information and sharing it with third parties).
• App Developers who adhere to this code of conduct and provide short form notice as described in Section II, are engaging in a best practice that significantly enhances transparency of data practices. This code reflects the state of industry best practices for transparency. Although compliance with the code and provision of a short form notice does not guarantee that any individual developer is providing an accurate notice for their specific practices, the authors of this code believe that compliance with the standardization provided by this notice should be a compelling factor serving to limit claims that a notice is deficient.

According to John Verdi, Director of Privacy Initiatives for the NTIA,comments and proposed changes on the latest discussion draft should be sent either to Tim Sparapani or Verdi himself by February 18, 2013. Verdi further states that "[c]omments from prospective adopters are particularly encouraged!"

The informational page for the multistakeholder process on moible application transparency, including meeting schedules and other relevant links, may be found here.