THE MOBILE MAJORITY: BUILDING PRIVACY BY DESIGN INTO MOBILE APPS
Clarissa Cerda, EVP, Chief Legal Officer and Secretary, LifeLock
Kimberly Cilke, CIPP/US, Deputy General Counsel, GoDaddy.com
Timothy Sparapani, Vice President, Law, Public Policy & Government Relations, Application Developers Alliance; Principal, SPQR Strategies, PLLC
PRIVACY IN THE MOBILE ENVIRONMENT
Booming Mobile Marketplace¹
- 85% Adults In US Own A Cell Phone, 50% Use It To Access The Internet
- 1600 New Apps For Mobile Devices Added Daily, 1M+ Total In Existence
Consumers Care¹
- Over Half of Americans Had Uninstalled Or Decided Not To Install An App Because Of Concerns About Its Privacy Practices
Privacy Policies Are Complex And Difficult To Read²
Amount Of Time To Read Policies Is Too Great³
Misconceptions: Majority of Americans Believe That Websites With Privacy Policies Cannot Sell Data⁴
¹ California Attorney General's Office, Privacy on the Go at 12-13 (Jan. 2013)
² Milne/Culnan and Greene 2006
³ McDonald/Cranor 2008
⁴ Turow/Hoofnagle 2009-2010
FTC AND WHITE HOUSE INITIATIVES
By 2012 The Goals Of The FTC And White House (Privacy White Paper) Were Unambiguous:
- FTC: "It is of utmost importance that privacy policies should be clear and conspicuous and written language that is simple and easy to understand"
- White House: "Consumer[s] have a right to easily understandable and accessible information about privacy practices in a form that is easy to read on devices consumers use"
TRANSPARENCY PLAYERS
- Advocates
- FTC
- Attorneys General
- NTIA
- Industry
THE FTC
- Standardized, Easy-to-Understand Privacy Notices Have Been At The Core Of FTC Efforts On Privacy For More Than A Decade.
- FTC Emphasizes Clear And Prominent Notice Of Information Collection, Use And Disclosure & Informed Consent For Sensitive Information.
- FTC COPPA Rule (mobile apps, "just in time" and close proximity) (2012)
- Early FTC Reports (1998, 2000)
- FTC Privacy Report (2012)
- FTC Staff Report on Mobile Privacy Disclosures (2013)
THE FTC
FTC Staff Report Recommends Icons:
- Icons offer the ability to communicate key terms and concepts in a clear and easily digestible manner.
- Icons Allow Consumers To View Data Practice Highlights With A Quick Glance, Then Hover Or Click Through For More Detailed Information.
- Use Of Icons And Other Short Disclosures Will Have Greater Success If There Is Some Consistency In Approaches.
2013 FTC Staff Report on Mobile Privacy Disclosures
ATTORNEYS GENERAL
January 2013: California Attorney General Releases Privacy Recommendations for Mobile Industry
- These always-on, always-on-us devices pose additional privacy challenges that are unique to mobile space.
- Consumers deserve meaningful information about privacy choices on small screens [in an environment] with many players who may have access
- A centerpiece of these Guidelines are prominent, timely, special notices or short-form privacy notices designed to be read on a mobile device of data practices that involve sensitive information or are not required for an app's basic functionality
California Attorney General's Office, Privacy on the Go at 12-13 (Jan. 2013)
NTIA
- Multi-Stakeholder Process Developing Voluntary Code of Conduct for Mobile Application Transparency.
- Clear, Short Form Notice of Mobile App Collection of Unexpected or Sensitive Data Elements and Sharing of that Info with Third Parties.
- Proposal Developed by App Developers Alliance, World Privacy Forum, ACLU, Consumer Action and Industry Representatives.
INDUSTRY
- FTC Privacy Report Calls on Industry Sectors to Work Together to Develop Standard Formats and Terminology for Privacy Statements Applicable to Their Particular Industries.
- Clearly Need A Standardized, User-friendly Approach Designed With Industry Input.
- Must Effectively And Succinctly Explain Data Collection, Use And Disclosure Practices.
HOW DO WE DO THIS?
Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers, at iii, 19-20, 26-28, 44, 60, 70-72 (Dec. 1, 2010).
TWO-PHASED PROPOSAL
- Phase 1: Standardized Privacy Notice Elements
- Phase 2: Standardized Icon System
Improved Transparency and Enhanced Consumer Choice
PHASE 1
Standardized Privacy Notice Elements
- Increase Transparency by Allowing Consumers To Compare Privacy Practices Of Different Providers.
- Encourage Competition Among Companies In The Privacy Protections They Afford.
- Utilize Standardized Descriptions As Outlined By FTC.
- Eliminate Legalese - Use Plain English To Effectively Provide Information On Data Collection, Use, And Disclosure.
PHASE 2
A Simple Icon Solution to Solve Transparency
- Color And Symbol Icon/seal System.
- Works Offline, Online & On Mobile Devices.
- Simple, Quick Solution Requiring Minimal Technical Work.
- Easy-to-Understand.
- Incentivizes Parties With Relationship With Consumers Not To Proliferate Personal Data.
CASE STUDY: GODADDY.COM
- World's largest domain name registrar and hosting provider.
- 3,300+ employees, 600+ in-house software developers, 9 global locations including U.S., Canada, UK, Netherlands, Singapore and India.
- More than 10.7 million customers.
- 10+ corporate websites, 1 mobile website, 3 mobile apps with over 1.7 million downloads.
- 2.5 million paid hosted customer websites; another 2.5 million free hosted sites.
- Mobilized more than 700,000 customer websites as part of November 2012 Website Builder product launch.
- Bolstered Mobile First strategy with acquisition of M.Dot in February 2013.
REFRESHER: PRIVACY BY DESIGN
1. Proactive, not reactive - Preventative, not remedial.
2. Privacy as the default setting.
3. Privacy embedded into design.
4. Full functionality - Positive sum, not zero-sum.
5. End-to-end security - Full lifecycle protection.
6. Visibility and transparency - Keep it open.
7. Respect for user privacy - Keep it user-centric.
GO DADDY'S PRIVACY PROGRAM
- Customer privacy owned by Go Daddy Legal Department.
- Team with IT Security, Internal Audit, Product and Marketing Managers, Lead Developers, and HR.
- Every new product, IT project, and marketing program, as well as project/program updates, undergoes privacy review as part of legal screening.
- Customer Information Privacy Policy in Employee Handbook specifies Privacy Policy requirements for all employees.
- Legal/privacy review embedded into Software Development Lifecycle (SDLC).
- Technical collection of PII undergoes additional security review by Privacy Tech Committee.
CUSTOMER INFORMATION PRIVACY POLICY
- Defines PII: Any and all personal information about a Customer that can be used to uniquely identify, contact or locate the Customer.
- Defines Sensitive PII: PII subject to heightened degree of internal protection and review, generally follows data breach PII definitions.
- Sets Company Policy: PII shall never be collected unless such collection is necessary for a legitimate business purpose related to Go Daddy's business. Where the collection of PII is necessary, only the minimum amount of information necessary to satisfy the legitimate business purpose may be collected.
CUSTOMER INFORMATION PRIVACY POLICY
- Prohibits disclosure of user PII to third parties without privacy review.
- Provides for internal security procedures and authorized locations for PII.
- Provides process for notifying Privacy team in the event of an inadvertent or unauthorized disclosure of PII to any third party.
- Addresses use of external storage devices.
CUSTOMER INFORMATION PRIVACY POLICY
Provides process for privacy review; in our case, simple as email to Legal Department in connection with any new product, IT project, or marketing program, with:
- Summary of project, including measures to be used to secure PII.
- All categories of PII involved in the project.
- Who will have access to the PII and/or to whom it will be disclosed.
- The real or best estimate of the number of users whose PII will be collected/affected.
- Date project is scheduled to commence and/or deploy.
- Any relevant documents or creatives.
THE FIRST QUESTIONS
1. With what types of operating systems will the app be compatible?
2. With which Web browsers will the app be compatible?
3. Will we store app-related data in the cloud or on our own servers?
4. What is the extended cyber-enterprise related to the app? Will it access third-party apps, such as ad networks and analytics companies?
5. In which app stores will our app be available? Are we in compliance with the app stores' privacy requirements?
Consider all third-party agreement/TOS requirements (e.g., device, OS, browser, cloud provider, ad network, etc.).
WHAT DATA WILL WE COLLECT?
In addition to traditional PII, consider:
- Unique device identifier?
- Geo-location (GPS, WiFi, user-entered)
- Mobile phone number
- Email address
- User's name
- Text messages or email
- Call logs
- Contact/address book
- Financial and payment information
- Health and medical information
- Photos or videos
- Web browsing history
- Other apps downloaded or used
HOW WILL WE USE THE DATA?
For each type of data, consider:
- Is the data type necessary for your app's basic functionality (i.e., within the expected context of the app's functions as described to users)?
- Is the data type necessary for business reasons (i.e., billing)?
- How will you use the data?
- Will it be necessary to store data off the device, on your servers?
- How long will you need to store the data on your servers?
- Will you share the data with third parties (e.g., ad networks, analytics companies, service providers)? If so, with whom?
- How will third parties use the data?
- Who in your organization will have access to user data?
- What parts of the mobile device do you have permission to access? Can users modify their permissions?
KEY PRIVACY BY DESIGN ELEMENTS
Transparency, Choice, and Control
- Give prior who-what-why notice and obtain a user's active consent for the collection, use, and sharing of personal information, as well as any application changes affecting privacy ("active consent" occurs where a user has the opportunity to agree to the specific use of personal information)
- Provide just-in-time disclosures and obtain affirmative express consent before collecting and sharing sensitive information.
- Collect and use only reasonable amounts of information within the scope of the user's expectations
- Allow users to control the frequency of reminders about features which use personal information
- Provide users with information and choice regarding an application's privacy settings
KEY PRIVACY BY DESIGN ELEMENTS
Data Retention and Security
- Ensure applications using unique identifiers are linked to the rightful user
- Protect personal information from unauthorized access or disclosure and establish justifiable retention and deletion periods
Social Networking and Social Media
- Ensure default settings protect privacy and allow easy control of profile information
- Provide additional, heightened privacy measures for underage users
- Obtain consent for any access, use, and/or sharing of location data
Mobile Advertising
- Inform users, prior to download and/or activation, if applications are ad-supported
- Obtain active consent for targeted advertising, profiling, and/or viral marketing
- Ensure content is appropriate for the audience
KEY PRIVACY BY DESIGN ELEMENTS
Children and Adolescents
- Provide age-targeted information regarding the consequences of using an application
- Ensure the default location setting prevents a user from publishing his or her location
- Comply with applicable jurisdictional laws regarding the protection of children
- Where possible, include an age verification mechanism
Accountability and Enforcement
- Assign responsibility for privacy issues throughout the application's lifespan
- Provide a means for users to report application problems.
MOBILE PRIVACY POLICY
SPECIAL NOTICES
Supplement your mobile privacy policy with enhanced measures to alert users to:
- Collection, use or disclosure of PII not required for app's basic functionality.
- Accessing text messages, call logs, contacts or potentially privacy sensitive features such as camera, dialer and microphone.
- A change in your data practices that involves new, unexpected uses or disclosures of PII.
- The collection or use of sensitive information, such as precise geo-location, financial or medical information, passwords, etc.
- The disclosure of PII to third parties for their own use, including use for advertising.
SPECIAL NOTICES
- Deliver notice in context, just before the data is to be collected.
- Explain the intended use and any third parties to which data will be disclosed.
- Provide an easy way for users to choose whether or not to allow the collection of the data.
- If use of the app is contingent on collection of the data, make that clear.
- Include a link to the general privacy policy.
WHEN YOU GET BACK TO THE OFFICE
- Make someone responsible for mobile app privacy.
- Take stock of the data you collect and retain.
- Carefully scrutinize collection/integration of PII data and sensitive information such as geo-location data and user contacts access.
- Conduct due diligence on libraries and other third-party code.
- Consider any special requirements related to financial, health or kids' data.
- Understand the differences between mobile platforms.
WHEN YOU GET BACK TO THE OFFICE
- Don't rely on the platform alone to protect your users.
- Ensure that you are generating user credentials securely.
- Use transit encryption for usernames, passwords and other important data.
- Don't store passwords in plaintext.
- Protect data stored on a user's device.
- Protect your servers.
- Audit app regularly following deployment.
ADDITIONAL READING AND RESOURCES
- Privacy On The Go - CA Attorney General's set of privacy practice recommendations to assist app developers, and others, in considering privacy early in the development process.
- CA Business Privacy Resources - CA Attorney General's links to helpful resources concerning privacy, data breach, Child Online Privacy Protection Act (COPPA) and other relevant privacy laws.
- CA AG's Developer Agreement - CA AG's agreement committing the leading operators of mobile application platforms to improve privacy protections for millions of consumers around the globe who access the Internet through applications ("apps") on their smart phones, tablets and other mobile devices.
- Marketing Your Mobile App - FTC publication presenting guidelines to help developers comply with truth-in-advertising standards and basic privacy principles.
- Protecting Consumer Privacy In An Era Of Rapid Change - FTC report with recommended best practices for mobile transparency and protecting consumer privacy.
QUESTIONS?