May 30th, 2011
Most Apps’ Privacy Policies Continue To Be Missing In Action
FPF director Jules Polonetsky emphasized that app developers shouldn’t be count on the big companies who own the platforms they work with, like Facebook, Apple (NSDQ: AAPL) and Google (NSDQ: GOOG), to handle all their privacy issues for them. “App developers with limited staff or resources can end up being responsible for the data of millions of users,” Polonetsky said in a blog post about the launch of the application privacy site. “Platforms and operating systems have roles to play, but app developers themselves need to be responsible for their own practices.”
Nearly all companies that collect any consumer data online have privacy policies on their website, because of a California state law that mandates such policies be published. There’s no law clearly mandating that apps need to have published privacy policies, but it’s universally considered a good practice, even though privacy policies are often criticized as opaque and unintelligible by consumers.
In addition to the FPF analysis showing that 22 of 30 apps were missing privacy policies, a study commissioned last year by the Wall Street Journal (NSDQ: NWS) found that 45 out of 101 apps they analyzed had no privacy policies, either in-app or on the app developer’s website.
The site includes tools for developers to build privacy policies for their apps, as well as privacy news, research, and information about currently existing privacy laws.
Applicationprivacy.org is run by the Future of Privacy Forum think tank, and is sponsored by several large companies, including Facebook, Google, and AT&T (NYSE: T).
Some details from the FPF study [PDF]:
» Android fares slightly better, with four of the top ten apps having privacy policies. Another two have company-wide privacy policies but none specific to their apps.