Dec. 21, 2011 – Facebook To Notify Europeans On Facial Recognition, Investors.com

Amid concerns about user privacy in Europe and beyond, Facebook on Wednesday announced sweeping changes to its European data collection, including notifications on a controversial facial recognition feature. Along with having to notify European users three times about its opt-out facial recognition feature, Facebook will disclose “all personal data held (about users) on request,” says Ireland’s

Privacy Ins and Outs

De-identification Workshop Videos

Opening Presentation:

Special Message from Dr. Ann Cavoukian

Panel 1:

Panel 2:

Panel 3:

Keynote Luncheon:

Panel 4:

Panel 5:

FPF & CDT Release Best Practices for Mobile App Developers

Today, the Future of Privacy Forum and the Center for Democracy & Technology publicly released a beta version of their “Best Practices for Mobile Applications Developers.” We have been working on this guidance over the past year in consultation with stakeholders from industry and civil society, both in the United States and abroad. We hope that this document can serve as a primer for developers who are interested in preserving their customers’ privacy but who aren’t necessarily privacy experts themselves.

We started on this project because of heightened privacy issues in the mobile environment. Application developers can access a considerably broader range of information about users than traditional web developers. Last year, the Wall Street Journal reported that of the top 101 apps, most were transmitting personal information about users, such as unique device identifiers, age, gender, and precise geo-location information to third parties. Research from the Future of Privacy Forum has shown that even in the most popular applications, less than half have privacy policies detailing what they do with customer data.

The best practices are based on long-established privacy principles that we believe should apply to everyone who collects and processes individual information, not just mobile developers. Among the recommendations that we make to developers are:

This is not a final pronouncement on our view as to what app developer best practices are.  We’re soliciting public comment on this draft — if you have feedback, please send your thoughts to [email protected]

Also, check out the survey we released yesterday finding that Free Mobile Apps are Better than Paid on Privacy Policies.

FPF Releases Mobile Apps Study

The Future of Privacy Forum has released a study on the most popular apps. FPF tested privacy policies for the top paid and free apps and found that free apps that are paid for by targeted advertising are twice as likely to have privacy policies. To see the press release and the full study, please click here.

FPF Survey: Free Mobile Apps Better than Paid on Privacy Policies

Future of Privacy Forum Survey Finds Free Mobile Apps Better than Paid on Privacy Policies

Apps supported by advertising and tracking twice as likely to have privacy policies as paid apps

Washington, DC—In May, the Future of Privacy Forum reviewed the most popular paid apps for the iPhone, Android and Blackberry marketplaces, documenting which ones provide consumers with the most basic privacy protection- a legally binding privacy policy. In a new survey released today, FPF tested privacy policies for the top paid and free apps. Key findings from the new survey include the following:

1. Free apps are twice as likely to have privacy policies than paid apps.

[list class=”bullet-3″][li]Out of the free apps surveyed, 66 percent had privacy policies, while only 33 percent of the paid apps had privacy policies.[/li][/list]

2.  Free apps make their privacy policies easier to find than paid apps.

[list class=”bullet-4″][li]Of the free apps with privacy policies, approximately 75 percent made the privacy policy accessible in the app itself or via a web link from the app. To find privacy policies for the other 25 percent, consumers had to visit the developer’s website.[/li][/list]

[list class=”bullet-3″][li]Of the paid apps with privacy policies, 50 percent made the privacy policy accessible through the app or via a link, and 50 percent made the privacy policy only accessible on the developer’s website.[/li][/list]

3.  The percentage of paid apps that have privacy policies has slightly increased.

[list class=”bullet-4″][li]Out of the paid apps surveyed, 33 percent had privacy policies, marking an improvement over the FPF May 2011 survey in which only 26 percent of paid apps had privacy policies. (The May survey reviewed only paid apps.)[/li][/list]

According to FPF Director and Co-Chairman Jules Polonetsky, the reason that free apps have a better record on privacy policy has to do with their primary revenue source.

“We weren’t surprised to discover that free apps were doing better than paid apps, because free apps are more likely to be dependent on advertising and tracking and have more to disclose than paid apps,” explained Polonetsky. “Although a privacy policy isn’t the final word when it comes to communicating with consumers about how their data is used, companies providing policies show that they have taken an essential step to document their practices and provide legal accountability for their actions,” he added.

“With resources for app developers like our resource site, applicationprivacy.org, and privacy policy generators provided by TRUSTe and PrivacyChoice.org, there is no excuse anymore for app developers not to provide consumers with privacy policies,” said FPF Co-Chairman Christopher Wolf.

Research for and the creation of the app privacy policy matrix was conducted by FPF Fellow Kenesa Ahmad.

Click here to view the complete study. To schedule an interview with Jules Polonetsky, please e-mail [email protected].

 

Notes About Methodology:

The Future of Privacy Forum analyzed the top 10 paid and free applications for:

1) App Store, iPhone – U.S.

2) Google Android Market – U.S.

3) Blackberry App World – worldwide (all devices) according to the Distimo September 2011 industry report, released in late November.

In the assessment, researchers downloaded each app and looked at the application developer’s website to determine whether a privacy policy existed and could be associated with the application. If a privacy policy was either found in the application or located on the developer’s website, the developer was credited with having an application privacy policy. FPF denoted these distinctions with asterisks. However, if the application website had a privacy policy that did not cover the application, FPF did not give it credit for having a privacy policy.

The lists of apps are different from those used in the FPF’s first survey because the top apps for each OS/device vary from month to month. In this survey, FPF used the top ten lists in the September 2011 Distimo app industry report. The Distimo report provides the top paid apps in the U.S. for Android and Apple, and the top paid apps worldwide for Blackberry.

####

The Future of Privacy Forum (FPF) is a Washington, DC based think tank that seeks to advance responsible data practices. The forum is led by Internet privacy experts Jules Polonetsky and Christopher Wolf and includes an advisory board comprised of leading figures from industry, academia, law and advocacy groups.

Click here for the PDF version.

Dec. 16, 2011 – Jules Polonetsky Covers Mobile Technology, Talk 760 WJR

Tech-savvy shoppers have more tools than ever before. Jules Polonetsky discussed the benefits and best practices of using mobile technology on “The Paul W. Smith Show” on News/Talk 760 WJR in Detroit. Listen here for the interview.

Industry Leaders Discuss Benefits of Self-Regulation for OBA

On Tuesday afternoon, the Information Technology Innovation Foundation (ITIF) unveiled a new paper titled, “Benefits and Limitations of Self-Regulation for Online Behavioral Advertising” at a Microsoft event on self-regulation in the online behavioral advertising (OBA) environment. In the paper, author and ITIF senior analyst Daniel Castro explains, “[S]elf-regulation benefits the economy by creating a more flexible regulatory environment than is typically found with state regulation. Industry experts review current activities, identify best practices, and develop these into industry guidelines. These guidelines continue to evolve over time in response to feedback from industry leaders.”

 

Panelists discussed key issues about the current self-regulatory framework, including the multi-stakeholder environment, and issues surrounding the upcoming W3C Do-Not-Track standards. Rachel N. Thomas, Vice President of government affairs for the Direct Marketing Association, noted that she is already “seeing a shift in the way folks [consumers] are talking,” in terms of consumers having an easier time identifying what they are afraid of, while also understanding the benefits of OBA. Morgan Reed, Executive Director of the Association for Competitive Technology, pointed out that the 600,000 jobs created by the mobile apps economy is evidence that self-regulation is working.

 

Though most panelists expressed the view that self-regulation is more adept to change in contrast with government regulations, they also acknowledged that further FTC enforcement against the “bad actors” is a good thing. “People sometimes forget that we are not a membership driven program. We are an industry-wide program, which means that your bad apples are under my purview. And if you don’t abide by the rules, we aren’t afraid to refer you to the FTC,” said Genie Barton, Vice President and Director of the OBA program at the Council of Better Business Bureau.

 

-Lia Sheena

Who Would You Put on the Nice List?

 

2011 has been a year marked by criticism of industry data practices.  Certainly many of the concerns have been warranted and we know that many businesses have increased their efforts to ensure they have the staff and processes in place to do better going forward.

 

At the Future of Privacy Forum, we believe in the carrot as well as the stick and we think it is important to give credit to the companies that are working hard to get privacy right.  We maintain an annual “Gallery of Leading Practices” in order to encourage companies to develop innovative ways to advance responsible data practices.  We hope that some of these practices become industry standards. We think it is important to highlight the companies that have adopted innovative practices in the last year and are leading the way so as to encourage other companies to follow.

 

As the year closes, we are soliciting nominations for the 2011 Future of Privacy Forum Gallery of Leading Practices.  Please email [email protected] with your suggestions for companies that are leading the industry towards better privacy practices.  Please highlight for us the specific practice you are applauding and provide an url or screenshot that will allow us to review the information firsthand.

 

To see the 2009 and 2010 galleries, please click here.

 

Thank you,

Jules Polonetsky and Christopher Wolf

Future of Privacy Forum

Dec. 4, 2011 – Jules Polonetsky Discusses Cyber Trends with Tom Grooms on Mix 107.3 FM

When it comes to the holidays, there’s an app for that! Jules Polonetsky discussed holiday cyber trends with “Spectrum” host Tom Grooms on Mix 107.3 FM in Washington, DC. Listen here for the interview.