Provision One: Protecting Your Mobile Privacy through User Control

Wednesday, December 5, 2012

Starting today, we are releasing provisions for mobile privacy legislation that relates to the transparency, security, and control principles that received so much of your support. Each provision will have a two-week period for you to let us know about your thoughts and concerns. Once we have heard back from you on all three principles, we will issue another legislative transparency report that explores your feedback before the Congressman introduces legislation.

The majority of the feedback that we received on AppRights expressed strong support for user control. Many of you also told Congressman Johnson that simple controls are important to protecting your privacy on mobile devices. After listening to these concerns, we have written a user-control provision to address these concerns without threatening the functionality or integrity of the mobile apps that you love.

This provision requires developers to allow users to delete a mobile application at any time, along with users’ other personal data stored by the application. Developers must cease to collect or use data within a reasonable period of time after the user has deleted the application.

Bill Text: Withdrawal of consent.—The developer of a mobile application shall provide a user of the application with the ability at any time, by deleting the application from the mobile device, to— (1) delete any personal data stored on the device by the application; and (2) prohibit the developer, within a reasonable and appropriate time thereafter, from engaging in any further use or sharing of personal data collected by the application.

Definitions:

• The term “anonymous data” means data from which particular individuals cannot be identified.
• The term “developer” has the meaning given by the Federal Trade Commission by regulation.
• The term “mobile application” means a software program (A) that runs on the operating system of a mobile device; and (B) with which the user of the device directly interacts.
• The term “mobile device” means a smartphone, tablet computer, or similar portable computing device that transmits data over a wireless connection.
• The term “personal data” has the meaning given by the Federal Trade Commission by regulation, but does not include anonymous data.

The app economy has undoubtedly enriched lives, created jobs, and contributed much to education and culture. But if data is an asset like any other, developers should be responsible and accountable when collecting data.

We look forward to your input on this provision, and hope you will continue to express your views and concerns regarding mobile privacy. By sharing your thoughts with us through our secure form at AppRights.us, or interacting with us on Facebook or Twitter, we will work together to find the right solutions to each issue.