Modernizing Authentication — What It Takes to Transform Secure Access
California Attorney General Kamala D. Harris recently published a set of recommendations [PDF file] for mobile app developers to safeguard consumer privacy.
"Harris consulted app developers, app stores, advertising networks, mobile carriers, device manufacturers, operating system developers, security and privacy professionals and consumer groups in developing the recommendations in the report," writes The Los Angeles Times' Jessica Guynn.
"The guidelines appear to address both common-sense and forward-thinking recommendations, as well as a range of general and specific guidance," writes CNET News' Seth Rosenblatt. "For app developers, for example, the document suggests avoiding 'surprises' such as 'collecting personally identifiable data from users that are not needed for an app's basic functionality,' such as the user's contact list."
"The attorney general's report discouraged ad networks from using device identifiers and instead 'transition to using app-specific and/or temporary device identifiers,'" writes The New York Times' Somini Sengupta. "She also nudged ad networks to issue privacy policies of their own and explain how they use personal data."
"Finally, the state recommends making privacy policies easy to read and easy to understand," writes Ars Technica's Timothy B. Lee. "For example, the report suggests presenting privacy information in a 'grid or nutrition label for privacy' format that 'displays your privacy practices by data type.'"
"Californians want to know what personal information their apps collect, how it is used and with whom it is shared," Harris said in a statement. "To meet this need and keep pace with rapidly changing technology, these recommendations strike a responsible balance between protecting consumers’ personal information and fostering the continued growth of the innovative app economy."
"In publishing this report, Harris is making good on a promise she made in late October to improve mobile privacy in her state, which is, for what it's worth, a technological vanguard, not only in the U.S., but around the world," writes Threatpost's Brian Donohue. "Whether or not Harris's policies will have any meaningful impact on tech industry that has shown more than a little apathy toward consumer data privacy remains to be seen."