American Marketer

Columns

California attorney general regulates mobile marketing privacy standards

March 7, 2013

Kenneth G. Kraetzer is vice president at cbsi Financial & Marketing Services

 

By Ken Kraetzer

Mobile marketers need to pay close attention to the directives on privacy protection issued in January by California Attorney General Kamala D. Harris and the guidelines her office issued titled “Privacy on the Go, Recommendations for the Mobile Ecosystem” (1).

The 22-page outline follows an announcement that Ms. Harris made Feb. 22 of an agreement “Committing the leading operators of mobile application platforms to improve privacy for millions of consumers around the globe” (2).

This agreement was reached after discussions with six large mobile app owners: Amazon, Apple, Google, Hewlett-Packard, Microsoft and Research In Motion (now BlackBerry). Facebook later joined the group of companies working with California to set workable standards.

California girds
Subsequently, in December, Ms. Harris announced the first legal action under California’s July 2004 On-line Privacy Protection Act (3) against Delta Airlines, which was given 30 days to “Conspicuously post a privacy policy within their mobile app” (4).

Certainly, the directive is a statement to all mobile marketers that might operate in California, which is virtually everyone. The privacy notice placed on the mobile app needs to inform users of “What personally identifiable information is being collected and what will be done with it.”

The California attorney general issuance acknowledges the high acceptance rate by which consumers are using smartphones, pointing out that 1,600 new apps are being released every day.

The attorney general described the display of privacy information on small screens such as cell phones and smartphones as “another challenge.” Allowing customers to read the privacy policy for an app before downloading from an app store was recommended.

Going public on privacy
The California guidelines cover six types of providers with requirements for app developers, app platform providers, mobile app networks, operating system developers and mobile carriers.

Highlights of the recommendations for app developers cover four areas:

1. Compile a data checklist of personally identifiable information that the app will collect

2. Avoid collecting data you do not need

3. Write a privacy policy that is “Clear” and “Accurate”

4. Make the privacy policy “Conspicuously accessible to all”

The California attorney general recommendations go on to describe the expectation for the use of “enhanced measures” or “special notices” to draw customer attention to data practices that may be unexpected.

For example, one is “Operating systems that use location data deliver a notice just before collecting the data” to give customer a chance to decline. This aspect will take time and experience to workout.

App platform providers will be expected to provide users “app privacy policies” from the app platform before a user downloads an app.

Operating systems developers are expected to develop their systems in such a way that users can control the data and features that an app can access.

Wireless carriers are expected to educate customers on “mobile privacy and particularly on children’s privacy.”

The document describes that the California attorney general is working with the National Telecommunications and Information Administration to develop “an enforceable code of conduct on mobile app transparency.”

WITH THIS effort, California has taken the lead in regulating mobile marketing privacy standards and expectations.

Major mobile marketers such as financial services and travel organizations will need to closely examine the requirements set out in California for protecting privacy and consumer data.

Vigilance to prevent fraud and sources of data loss will always need to be a constant priority to maintain consumer confidence and avoid restrictive regulation.

Further details on the California attorney general’s mobile privacy guidelines and legal action taken against Delta Air Lines can be viewed via the links below:

(1) Privacy on the Go, Recommendations for the Mobile Ecosystem, January http://oag.ca.gov/sites/all/files/pdfs/privacy/privacy_on_the_go.pdf

(2) http://oag.ca.gov/news/press-releases/attorney-general-kamala-d-harris-secures-global-agreement-strengthen-privacy

(3) http://oag.ca.gov/privacy/COPPA

(4) http://oag.ca.gov/news/press-releases/attorney-general-kamala-d-harris-files-suit-against-delta-airlines-failure

Kenneth G. Kraetzer is vice president at cbsi Financial & Marketing Services, Harrison, NY. Reach him at kkraetzer@cbsiservices.com.