California State Attorney General Kamala Harris announced an agreement yesterday with six mobile app platform providers aimed at encouraging app developers to provide more accessible privacy policies. The announcement comes at an auspicious moment -- consumer outrage at the recently-discovered address book practices that Path and other app developers claim are "industry standard" shows that there's a serious disconnect when it comes to industry practices and user privacy expectations. But we should be wary about solutions that depend on walled gardens. App developers need to start baking privacy protection into their designs, and though this agreement may help encourage that, it's not clear that it's the best tool to give consumers meaningful choices when it comes to controlling what data mobile apps access and share.
The good news about yesterday’s agreement is that it may encourage app developers to start thinking through the privacy ramifications of the technology they create. And this month’s address book uploading issues shows that these companies need the external motivation. When Hipster, a photo sharing social network app, was found to be surreptitiously uploading contact lists to their servers, their CEO announced an “Application Privacy Summit” to suss out the privacy issues around mobile apps. But the promised summit was scheduled for earlier this month and still hasn’t taken place.
The AG's agreement may be one way to address these issues, but this particular program -- relying on walled gardens and closed door negotiations with the gardens' gatekeepers -- isn’t necessarily the ideal resolution for the privacy problems afflicting mobile app users. Users need to have a voice when it comes to controlling their data, and software developers need to respect their choices or be held accountable.