Mobile app privacy draft bill would let users delete stored data

A new draft bill published this week proposes to improve mobile application privacy by requiring developers to disclose their information collection practices and enabling users to request the deletion of their stored data.

Spearheaded by U.S. Rep. Hank Johnson (D-Ga.), the Application Privacy, Protection and Security Act of 2013, or APPS Act, would obligate developers to transparently disclose the terms and conditions around their consumers data collection, use, storage and sharing efforts. In addition, the act would give users controls to cease data collection by opting out of the service or deleting personal data "to the greatest extent possible. " 

The APPS Act would grant the Federal Trade Commission power to pursue violations as "unfair or deceptive acts or practices," and state attorneys would be allowed to bring civil lawsuits against developers who fail to adhere to the guidelines.

The APPS Act is based on consumer feedback collected via AppRights, a Web-based initiative launched in July, as well as meetings with app developers, public-interest groups and industry leaders. "Because the majority of the feedback that we received on AppRights expressed strong support for user control, transparency, and security, we incorporated these principles into the bill," Johnson said. "Many of you also told us that simple mechanisms are important to protecting your privacy on mobile devices. After listening to these concerns, we have written provisions to address these concerns without threatening the functionality or integrity of the mobile apps that you love."

The APPS Act has not been formally introduced as legislation. Computerworld reports that Steve DelBianco, executive director of the NetChoice e-commerce trade group, is calling on lawmakers to give the U.S. National Telecommunications and Information Administration time to develop its own mobile app privacy recommendations. Participants met again Thursday. "I hope the congressman will hold his bill until our multi-stakeholder process proves it can generate consensus best practices," DelBianco said in email.

The publication of the APPS Act follows a week after California's attorney general issued a 22-page set of guidelines designed to improve and protect mobile application user privacy. In the report, California AG Kamala D. Harris urged mobile software developers to "minimize surprises to users from unexpected privacy practices," suggesting they post transparent, easy-to-read privacy policy guidelines and recommending the use of "special notices" when an app might be using data in a way consumers might not expect. Harris also encouraged developers to use encryption to handle data, limit employees' access to user information and designate a staffer to periodically review the app's privacy practices, making sure that policies remain up to date.

For more:
- read this Computerworld article 
- read this CNet article

Related articles:
California AG issues mobile app privacy guidelines
California sues Delta Airlines over mobile app privacy violations
Apple, Google consent to mobile app privacy accord
FTC to Apple, Google: Apps for kids must disclose data privacy practices
Amid privacy uproar, Apple promises to detail app permissions
Path admits mistake, allows users to opt out of contacts database
Lawmaker Markey unveils Mobile Device Privacy Act