How Coders Should Make Apps More Privacy-Friendly

Excellent news for those who worry about the privacy implications of using apps: MEF, a trade organization for the mobile content and commerce industry, launched a privacy policy generator called AppPrivacy. I reckon it’s an important step toward developers taking “privacy by design” principles into account.

This is a crucial issue, particularly as people become more sensitive to the potential security risk involved with apps sucking up their personal data and sending it who knows where. And with Android having introduced toggles that let users kill specific elements of an app’s functionality, the tide is turning—developers have to be more on-the-level with their customers these days.

AppPrivacy comes out of an MEF working group dedicated to, well, app privacy. The group includes a bunch of lawyers and representatives from companies such as Mozilla, Vodafone, mobile ad network InMobi, privacy management company TRUSTe, and security outfit Kaspersky Lab.

The tool is for use by developers, who simply fill in a series of tick boxes detailing what data they use, why they use it, and who else gets access to it. At the end, AppPrivacy generates a straightforward HTML privacy policy for customization and embedding into an app itself.

What’s cool about the tool is the way it gently harangues developers as they’re filling out the forms. To truly test AppPrivacy, I decided to make my “HappyFunTimes” app as obnoxious as possible, so I checked the box that said I wanted to send marketing messages to my users’ contacts.

“Warning!” a pop-up box read. “If you are going to access the user’s contacts database and use it for marketing purpose, you must have their permission first. Also, you should gain consent from any contact you plan to send marketing messages to.”

I ticked the box saying I wouldn’t require consent from my users to send them marketing messages, and then: “Warning! Many countries require marketers to gain consent from any contact you plan to send marketing messages to. If you do not—and are not able to prove it—you may find yourself in trouble with the relevant authorities.”

HappyFunTimes should collect user location data, I decided. The warning: “While there’s no doubt consumers enjoy the location-enabled functionality of modern smartphones, many are concerned at having their movements monitored. It’s important you let them know why you’re tracking their location and who you’re sharing that information with.”

Did I mention that I love this tool? Sure, it’s not perfect. And, yeah, an ad firm is part of the working group. But you know what? It’s an excellent start.

Why? Because, as MEF itself found in a recent survey, more than 25 percent of the top 100 free apps have no privacy policy at all. And only a third of those that have a policy give access to it from within the app. Meanwhile, 70 percent of consumers surveyed by MEF said it’s important to know when an app is gathering and sharing personal data.

People do care about this stuff, and, as platforms gradually give users more control over their data, developers need to care about it, too. AppPrivacy is not hard to use (I managed), and it bluntly spells out the factors that developers should be considering.

As MEF Global Chairman Andrew Bud put it:

“Consumers’ trust in our industry will be built on transparency and ease of understanding in dealing with their private data. That’s a tough combination to deliver, and our research shows that many providers have struggled with it. Now, building on the expertise of our cross-stakeholder group, AppPrivacy delivers credible, practical solutions to ensure best practice in our industry.”

What we need now is the introduction of more informative and granular permissions at the time of an app’s installation. But that’s a platform thing—over to you, Google and Apple.

Also from GigaOM:

10 Strategies for Improving Content Marketing with Analytics (subscription required)

Hampton Creek Now Selling Plant-Based Eggs at Whole Foods in California

What I Like and What I Don’t Like About the New Apple iPhones

ABC Executive: Second-Screen Apps Can Be a Distraction

Why Do Physical Keyboards Still Exist for Mobile?

Before it's here, it's on the Bloomberg Terminal.