New MMA Mobile App Privacy Framework Fails to Protect Privacy [annals of data collection foxes running the standards process]

Submitted by demedia on Sat, 10/29/2011 - 16:19

Ensuring privacy and consumer protection safeguards in the mobile and location marketing era is key.  Mobile marketers have largely failed to offer meaningful proposals that would empower an individual to control their mobile data experience.  Given that the business model for mobile advertising is a combination of behavioral profiling and your location, the industry doesn't really want to alter its business model.  Take the new "Mobile Application Privacy Policy Framework" just released by the Mobile Marketing Association's "Privacy and Advocacy Commitee" [that committee is co-chaired by Alan Chapell and Fran Maier of TRUSTe].  The guidelines are supposed to address the "core privacy issues" for mobile applications--but fail to provide what a consumer requires to make meaningful privacy decisions.
 
Of course, privacy policies for mobile services don't really work--no one is going to scroll down endless screens, even on a tablet.  Nor can one expect a mobile consumer to first visit a website and review what is usually misleading, legalistic, and purposely vague language.  The current consent mechanisms for mobile, also discussed in the new guidelines, don't really work.  Of course a consumer will say "yes, use my location" when they need something.  But shouldn't a consumer be told upfront how that data will be used?  For example, in the new app privacy policy it tells mobile marketers that if "third parties see/or have access to information obtained by the Application" they can merely say that "We may disclose User provied and Automatically Collected Information...with our trusted service providers who work on our behalf...to advertisers and third party advertising networks and analytics companies..."
In another words--they will share with a broad range of partners and your mobile data will end up in the hands of a mobile ad network or mobile ad exchange! 
There are no real safeguards in this new document on the use of your health and financial data; teens are totally unprotected.  
As we will tell the FTC, mobile app privacy guidelines must address the various ways data is collected from mobile users.  It's no secret how mobile data collection works--one just has to review what Google, Verizon, AT&T, Yahoo and Microsoft do, for example.  Explain how mobile ads using "rich media" can be used to foster data collection.  The FTC needs to reject this new framework as another example of failed self-regulation.