Congressional Committee on Mobile App Privacy

I had the opportunity to give my advice on mobile apps and privacy as a panelist for the 2012 State of the Mobile Net Advisory Committee. If you watch the video you will notice not everyone is in agreement with who should be responsible for your privacy–The App Developer, The Platform (iOS, Android, etc), or The End-User?  I certainly have my opinions as both a developer and a consumer of hundred of apps.  Click the image to watch the video:

Although ultimately it is up to the developer to protect your privacy and do no evil, I argued that the platforms are in the best position to protect your information.  Apple iOS guards your location and prompts you when an application tries to access it.  This works well and you have the ability to deny the app access.  This kind of protection could be provided to other areas such as your address book and calendar events which are currently wide open for apps to abuse.  Imagine downloading a flashlight app, only to have your entire address book uploaded to Spammers-R-Us.

The Android platform gives you a list of permissions an application requires prior to installation.  I like this but as I discuss in the video it has caused issues in my own apps.   I’m hoping a mix of both real time and installation time permissions find it’s way into both platforms going forward.  I feel when a technical solution exists to a problem, and I’m claiming it does, then that is the best approach–Not government regulation and certainly not 100 page privacy policies that nobody reads.

We discussed issues with apps like Path which uploaded your address book without first getting your permission (It does now).  The Girls Around Me App was also a major focus and although we all think it’s creepy, I’m the only one who made the point of what’s wrong with displaying publicly available information?  In this case, girls were not aware their location was being put out into the public by Foursquare.  That’s a problem with the social network and not with an application that just displays what is already online.  Education is key here.

Privacy has become a huge issue with mobile apps and will continue to be.  I’m looking forward to future versions of iOS and Android which will hopefully provide even better controls.  If we just leave it up to application developers to implement privacy controls then we won’t have a consistent standardized method to safeguard our privacy.  I want this across all of my applications.  What do you think?