The National Telecommunications and Information Administration (NTIA) announced a voluntary Code of Conduct for mobile application ("app") short notices, (Code of Conduct) developed through the Multi-Stakeholder Process on Application Transparency convened by the U.S. Department of Commerce in June 2013. The purpose of the short form notices is to provide consumers enhanced transparency about the data collection and sharing practices of apps that consumers use. See http://www.ntia.doc.gov/files/ntia/publications/july_25_code_draft.pdf.
The Code of Conduct provides that app developers and publishers that voluntarily elect to enhance transparency by adopting a short form notice should describe in the notice
a) "the collection of types of data collected" (see the list of data categories below), and "whether or not consumers know that it is being collected";
b) "a means of accessing a long form privacy policy, if any exists";
c) "the sharing of user-specific data, if any, with third parties" (see the list of third-parties below); and
d) "the identity of the entity providing the app."
The Code of Conduct requires that "short form notices" convey the required information to app users in "a consistent manner that is easy for consumers to read and understand."
In particular, the short form notice should clearly disclose collection of the following data categories:
Further, the short form notice should state whether the app shares user-specific data with any of the following categories of third-party entities:
At the beginning of March, software developer Intuit Inc. announced it would soon release an open source code that will allow mobile app developers to craft short privacy notices that comply with the NTIA proposed voluntary short form notice provisions. The code will provide a customizable template that developers can use to develop a privacy notice that will incorporate all of the elements described above. This announcement comes a week after Lookout Mobile Security released its own open-source mobile app privacy notice code for developers.
These open source code modules should encourage mobile app developers to voluntarily comply with the Code of Conduct endorsed by the NTIA working group before it becomes the law of the land.
Day Pitney recommends that all app developers take a close look at the templates, given the legal exposure they could face for inadequate disclosures. No laws prohibit the collection of sensitive information from consumers using mobile apps, so long as you tell the consumer what you are doing. By adopting templates promulgated under the guidelines of the Code of Conduct, you can reduce the risk of becoming a target of the Federal Trade Commission, a state attorney general or the private plaintiffs' bar.
Day Pitney Cybersecurity, Healthcare and Technology (C.H.A.T.) Newsletter – April 2024
Day Pitney Cybersecurity, Healthcare and Technology (C.H.A.T.) Newsletter – April 2024
Day Pitney's Executive Committee, Executive Board and department leadership changes were featured on CityBiz.
The purpose of this monthly series Patently Enabled is to share simplified patent related information to assist non-patent practitioners in making the best decisions when considering their intellectual property rights.
Day Pitney's Executive Committee, Executive Board and department leadership changes were featured in Law360 Pulse.
Day Pitney’s Executive Committee, department leadership changes were featured in Hartford Business Journal.
Day Pitney Partner Kritika Bharadwaj has been named to the 2024 Lawdragon 100 Leading Global AI & Legal Tech Advisors list. This is the inaugural year for this list.
Day Pitney Alert
The purpose of this monthly series Patently Enabled is to share simplified patent related information to assist non-patent practitioners in making the best decisions when considering their intellectual property rights.
Copyright © 2024 Day Pitney LLP, all rights reserved.