The last few weeks have seen some interesting moves around mobile privacy and consumer trust.
Business Insider reports that taxi / ride-share app, Uber, may be collecting seemingly unrelated user data including SMSLog call history, Wi-Fi connections used, GPS locations and every type of device ID possible. Elsewhere Twitter has been under the spotlight for announcing that it will start tracking which (other) apps its users have downloaded.
Below, we asked some top mobile executives what they thought of the current debate around privacy and consumer trust and how companies can take the right measures to observe good practice.
Business Development Director
Spring Mobile Solutions
Yuri Fiaschi, Business Development Director, Spring Mobile Solutions
The security issue increasingly haunts people, especially when there are alerts on news saying that applications are collecting data indiscriminately, without permission.
The most important to establish a good trustful relationship is to be transparent, asking end user’s authorization and doing exactly what was proposed. Even more important than request user’s authorization is giving them a clear option to cancel the authorization, if they want to do so. Sometimes the number of authorizations can decrease, especially when the company is just starting to ask permission, but the confidence in the product, company and service will be much higher.
Users do not care a lot about privacy issues when they know that this is happening, and that information will be used to reflect on a product or service improvement for themselves.
This is not a new matter, for a long time software’s installed in our computers are asking permission to analyze errors and user data to improve the user experience, and it is not few the end users who gave authorization, showing that it is not a veiled subject and the user is open to it.
Regarding the safety matter, self-regulation is always better than an order from a government body, and the fact that companies start to do everything transparently will give security to the user that will become partner, not only customer, of the companies, helping the progress of our industry.
Chris Davies, General Counsel EMEA & Head of Privacy, InMobi
There have been a number of recent high profile incidents involving companies such as Uber, Airbnb and Whisper, which have indicated some of the perils involved with explosive growth tech businesses gathering vast amounts of sensitive personal information. Is this a new development? Well no. It seems that we are still talking about exactly the same issues and concerns facing app publishers and smartphone users one year down the line. If you have visited a news or tech website relating to Apps on any given day in 2014 the App privacy stories are alarmingly still the same as 2013. Even within the last week my own favourite App Twitter is now viewing all of my installed apps on my device to build a more tailored experience (unless I actively change my settings to stop this intrusion).
Do consumers care about these daily privacy stories and do they understand the implications of giving up their user data? The concern is that although a small minority of users are electing to stop using some of the Apps mentioned above following revelations about misuse of data, the majority still continue to utilise these Apps, irrespective of whether they are aware that some are collecting alarming amounts of seemingly unrelated user data with no real relevance or relationship to the purpose of the App.
Unfortunately there is currently no silver bullet to immediate resolve these issues without unified industry self regulation. The solutions can only be developed through increasing numbers of App publishers continuing to adopt privacy by design to constantly strive to place privacy and consumer trust at the centre of the user experience.
Todd Daubert, Partner, Dentons
Recent scandals about how Uber and Twitter collect and use data confirm that we are in the awkward teenage years of the technological evolution sparked by widespread adoption of mobile applications and the increasing availability of diverse data streams from these Apps and the “Internet of Things.”
We will continue to suffer growing pains because the public generally does not understand (1) how these technologies work, (2) how they can be used for good or harm (and whether specific uses are beneficial or harmful), or (3) how individuals can reap the benefits of these technologies without suffering harm. Most app developers and service providers seek to preserve as much flexibility for themselves as possible during this evolution even if they do not have specific or finalized plans for using the data they collect, which can result in vague and confusing disclosures. Overarching concerns about data security and potential liability exacerbate these growing pains and increase the risk that regulators will unnecessarily limit the potential benefits of technology in their efforts to protect the public.
Although we will eventually outgrow this awkward phase, app developers and service providers can ease the transition by designing products and services with a clear vision about how data is collected and used, and by communicating this vision as simply as possible to end users through all possible means rather than relying solely on a privacy notice that very few people read, and even fewer understand.
PREISKEL & CO
Danny Preiskel , Senior Partner, PREISKEL & CO
Recent concerns with Uber’s use of personal data have shown that many mobile apps still have much to improve in terms of transparency of processing of personal data. Consumers remain unaware of how their personal data is being processed by mobile apps as the privacy notices are usually too long and complex. Although most apps request users’ permission to collect their personal data, they fail to explain how consumers’ personal information will be used. For example, an app might request access to the user’s location without further explanation about the purposes for which such data is being collected.
Processing personal data fairly and lawfully is the first principle of the EU Data Protection Directive. Fairness requires transparency about what data is being collected and the purposes for which such information will be used. If adopted, the proposed EU Data Protection Regulations will improve consumers’ data protection in respect of mobile apps as it introduces the concept of ‘privacy by design’. This means that app developers will have to build privacy controls into systems from the start, meaning the mobile app industry will be challenged to adapt privacy notices and policies to the usability of their products.
Ensuring that mobile apps are transparent in how they use personal data, is the first step to ensure consumers can make a conscious choice in respect of use of their personal data.
MD, UK & Ireland
Allen Scott, Managing Director UK & Ireland, F-Secure
Human beings value that which is precious (i.e. rare). In a digital world, copies are cheap and data is trivial to produce. That’s one of the great beneficial powers of digital technologies. But in such a world, data becomes ubiquitous – so much of our data can no longer be considered rare. Is it any wonder that consumers don’t consider it to be precious? And if it isn’t precious, can we really expect people to consider it to be private and worth protecting?
Consumers do care about their privacy – but understanding the costs and benefits of using free services is not intuitive. It’s quite complicated. And where there are complications – there is mistrust.
App owners and publishers can definitely do a lot better to simplify their communication. But in addition to that, a conversation is needed. What is and isn’t precious information? How are both types of information used and to the benefit of whom? That conversation should be at the centre of user experience and both sides need to be actively engaged if we are to have any hope of dispelling mistrust.
VP of Marketing
Dave Deasy, VP of Marketing TRUSTe
With free services, consumers are the product. Some consumers know this, but many others don’t, which should be a major concern to companies who want to collect data while building trust with customers and avoiding risk. Only 59% of U.S. Internet users know that smart devices can collect data about their personal activities, according to research by Ipsos MORI on behalf of TRUSTe. The same surveyed showed consumers are concerned about data collection and want to know more details about what information is being collected and why it’s collected.
Many companies have privacy policies written in legalese, which is difficult for anyone but an attorney to thoroughly understand. Also, recent stories in the news about companies suspected of collecting more consumer data than their privacy statements promise lose credibility, which can be difficult to regain. Consumers want privacy policies that are in clear, understandable language, and a guarantee that the company is living up to its privacy promises.
Customers care about privacy issues but they also like free apps. When companies are transparent, consumers can make informed decisions about whether or not they want to share their data. Consumers won’t stop using free applications — even if some of their data is shared, but consumer trust and loyalty can be lost if companies aren’t transparent with data collection practices.
Peter Beardmore, VP, Global Strategic Alliances and Mobile Business Development, Kaspersky Lab
The scrutiny stemming from recent privacy concerns relating to apps from Uber and Twitter is now part of a trend, which is actually quite healthy. The Facebook Messenger app was the subject of similar scrutiny a few months ago. And who can forget iCloud-Celebrity-Nude-Photo-gate?
The underlying issues are not unique to any specific service provider and the reality is that consumers are confused. They simply don’t know: What of their data do cloud-service providers have access to and store? Where does the data reside? How is the data used (now and in the future)? Who else has access to it (now and in the future)?
At Kaspersky, these themes have been emphasized for years, resulting in policy, transparency, and technology meant to ensure customer privacy. But despite these efforts, probably not many of our customers could answer the questions above. Communication and education are ongoing and require continuous development. Privacy in the age of mobile and cloud is in its infancy. Real and defacto standards, legislation and new technology all require development. And, unfortunately, it’s going to take a while. In the meantime, scrutiny is good and will help to accelerate answers. More leadership is needed. We’re working hard at this, and we invite conversations with other vendors and service providers who are interested in helping to solve these complex challenges.
Andrew Bud, Global Chair, MEF
The latest allegations that well-known apps are hoovering up consumer data without permission or evident motive should ring alarm bells throughout the industry. In some jurisdictions this kind of behaviour can be illegal, but many will consider it unethical everywhere. There can be many good reasons why services need – or in future may need – lots of data, some of it not obvious. But to do so without telling the consumer what is being done and why, in a way they can understand to gain their informed consent, is a recipe for disaster.
The mobile content and commerce industry has learned on several occasions what happens when the need for consumer trust and true understanding is ignored. Businesses can be built rapidly and profitably, but not durably. The MEF Global Consumer Survey shows how, each year, consumer concern about the gathering and user of their data is growing. MEF continues to evangelise the need to bring consumers along with these evolving business practices. Intelligent use of the vast data resources available from mobile devices, coupled with transparency and informed consumer consent will be the critical tools for our industry to grow great and stay great.
Silvio Kutic, CEO, Infobip
Consumers have grown accustomed to conducting everyday tasks on their devices and mobile alternatives to online services are now expected. However, for the businesses that provide these apps, juggling data protection in the digital age with a growing appetite for mobile is a tall order. Many of the features users take for granted require access to personal data. Businesses need to make users aware that their applications have access to this information.
The latest push notification technology can deliver relevant, targeted information based on interest, location or app activity. As a result, push notifications can be used to make users aware of what data they’re sharing when on the move or to flag when an app is performing certain functions in the background.
Push notification technology can also store data on user behaviour to create rich anonymised profiles for future analysis and planning, helping developers to ensure they stay one step ahead of the curve when it comes to privacy considerations.
Fortunately, today’s businesses no longer need to handle these considerations on their own. Businesses can choose to work with specialist partners who provide push notification services, freeing themselves to focus on marketing and revenue generation rather than getting weighed down in ensuring users are in control of their data.
If you would like to contribute a comment to this article contact us at firstname.lastname@example.org or leave your thoughts in the replies below