Location enables mobile commerce, marketing, social and search. But privacy allows it all to happen. Transparency, control and choice are key to any location use. Every Chief Location Officer knows this. Here’s a quick refresher:
Rule #1: You need permission to locate a mobile device. Permission, often called opt-in (from our old email marketing days), can be obtained in multiple ways, from a user tap on a device to replying Y to an SMS request to signing a contract or agreeing to utilize a service. As long as the location use is clearly explained and well understood.
Despite the widespread coverage of privacy concerns in the media and the seemingly top-of-the-agenda efforts by our Congressmen, most mobile users are comfortable using mobile services that actively tap their location. Most people do opt-in, most people allow apps to "use your current location." Location makes the app or service work better, improves results and value, and makes life easier for many of us.
So long as location is not abused.
Ever since the first app was launched in 2007, mobile users' privacy rights regarding the collection, storing, and sharing of their personal data have been relatively ill-defined, but broadly respected, by the developer community.
Recent events have shed greater light on the need for standardized privacy policies and disclosure to protect users' privacy. There are hundreds of thousands of apps and developers who follow the very best-in-class location policies and guidelines. But a few awkward examples (and bad apples) can spoil it for the whole app orchard. Last year, for example, Path was caught uploading users' address books to its servers without those users' knowledge. Another popular app, Color, soon was under scrutiny for being able to literally tap in to users' microphones without their permission, and CarrierIQ was found to be collecting data on users' keystrokes, texts sent, and numbers dialed.
But the majority of developers large and small do not want to shake the trust of their loyal customers. With scrutiny on the rise, mobile apps are quick to point out that they don't spend their time reading users' texts or checking out their address book for fun, it's solely for data collection to help enhance their product. Organizations such as the MMA and the CTIA have helpful guidelines for developers on LBS (location-based services), how to obtain consent form users, when to notify them, and the like. But many felt such industry guidelines and self-policing antics were not enough.
Enter privacy policies. The need for enforceable codes of conduct and open disclosure for mobile applications have arisen. The Future of Privacy Forum (FPF) and the Center for Democracy and Technology released a publication with titled Best Practices for Mobile Application Developers. The paper includes guidelines and tips for making privacy policies comprehensive and easy to access for users, highlighting full disclosure to users and secure connections as must-haves.
- Locaid requires developers to have consent from users of their location data collection.
- Locaid requires that this consent collected via a comprehensible and non-misleading vehicle
- Locaid encrypts location information when stored or transmitted by Locaid to ensure it doesn't get into the wrong hands, and requires its subscribers to do the same.