California has reached an agreement designed to protect the privacy of mobile app users with Amazon.com, Apple, Google, HP, Microsoft, and a company called Research in Motion. The agreement was sparked by the fact that smartphone apps routinely transmit users’ contacts and other personal data, including location, identity, messages, and photos, without their knowledge. Both Apple and Google already require app developers to ask users for permission to obtain personal data. However, users are rarely told which data is being collected or how it will be stored or used. Moreover, some developers – even makers of very popular apps – have collected and transmitted users’ contact lists without their consent.
California’s agreement also relates to our conversation about the White House’s suggestion for multistakeholder meetings to develop enforceable codes of conduct, in that the statement by California attorney general suggests that this agreement was born of just such a process: “[T]hese companies have to be commended for accepting the invitation to meet around our table, act on it and sign the agreement…” Perhaps this agreement indicates the willingness of tech companies to engage in that kind of a process.
Finally, it’s interesting – and perhaps telling – that California brokered the deal with these major tech companies since it is the state that was on the forefront of requiring notices to consumers regarding breaches of their data, and the casebook notes that most states then followed suit (p. 881-82). Thus, state regulation may provide yet a third means (other than Congressional action and White House policy) of advancing the cause of consumer privacy.
The link to the article is here: http://bits.blogs.nytimes.com/2012/02/22/california-attorney-general-reaches-deal-on-app-privacy/?scp=6&sq=privacy&st=cse