Transparency about the personal data that mobile applications collect may be at the top of the agenda as the U.S. Department of Commerce begins work on privacy codes of conduct for online businesses.
The agency's National Telecommunications and Information Administration (NTIA) has identified mobile privacy issues as a potential top priority as it seeks to convene interested groups to draft privacy codes of conduct. Earlier in February, members of U.S. President Barack Obama's administration announced plans to begin working with businesses and other groups to draft privacy codes of conduct and to push Congress to pass legislation containing a privacy bill of rights.
The NTIA on Wednesday asked for public comments on how it should proceed with the so-called multi-stakeholder process to develop privacy codes of conduct.
"We want your input," Lawrence Strickling, the NTIA's administrator, wrote in a blog post. "We are seeking your views on what issues should be addressed through the privacy multi-stakeholder process and how to structure these discussions so they are open, transparent, and most productive."
One of the first steps NTIA is considering is a push to develop transparency rules for mobile apps, the agency said in its public notice.
"Mobile apps are gaining in social and economic importance," the agency said. "Mobile devices pose distinct consumer data privacy issues, such as disclosing relevant information about personal data practices on a small display."
Only about a third of the top 10 paid mobile apps for three major mobile operating systems have privacy policies, the NTIA noted, referencing a Future of Privacy Forum study from December. "Practices surrounding the disclosure of consumer data privacy practices do not appear to have kept pace with these rapid developments in technology and business models," NTIA said.
The agency is also looking for public comments on privacy issues related to location-based mobile services, services targeting children and teens, and cloud computing. NTIA is also seeking comments on how federal agencies can hold companies accountable to privacy promises.
NTIA noted that business participation in the process to develop privacy codes of conduct will be voluntary. "A code of conduct will not be binding on a company unless and until that company affirmatively commits to follow it," the agency said. "NTIA expects that a company's public commitment to follow a code of conduct will be legally enforceable" through the U.S. Federal Trade Commission.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is firstname.lastname@example.org.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.