Proposed bill would enable mobile phone users to delete app-collected data
Proposed legislation in Congress would enable mobile phone users to direct mobile application developers to delete personal data already collected and to stop collecting personal information once the user stops using the application.
The APPS Act, which has been proposed in the 113th Congress by Rep. Hank Johnson (D-Ga.), would also require app developers to provide notice of the terms and conditions governing data collection and storage, and require explicit consent from the user for that data collection and storage. Johnson has released a discussion draft of the legislation.
The Federal Trade Commission would be given the responsibility of enforcing the mobile app privacy rules, and state attorneys general would be able to bring civil lawsuits against app developers for privacy law violations.
In July of last year, Johnson set up a website called AppRights.us to get feedback on mobile device app privacy.
"Because the majority of the feedback that we received on AppRights expressed strong support for user control, transparency, and security, we incorporated these principles into the bill. Many of you also told us that simple mechanisms are important to protecting your privacy on mobile devices. After listening to these concerns, we have written provisions to address these concerns without threatening the functionality or integrity of the mobile apps that you love," Johnson said in a statement.
NetChoice, an e-commerce trade association, opposes broad government mandates on mobile app privacy. Steve DelBianco, executive director of NetChoice, advised the lawmaker to hold his bill until a multi-stakeholder process led by the United States National Telecommunications and Information Administration (examining mobile app privacy) is complete, he told InfoWorld in an email.
The collection of information by mobile apps is a concern not only for individuals but also for enterprises. As more and more employees bring their personal devices into work, the data on those devices is likely to include sensitive corporate information. Enterprises have a financial interest in knowing what information is leaving those devices.