Location Matters... Privacy Matters Too

Location enables mobile commerce, marketing, social and search.  But privacy allows it all to happen.  Transparency, control and choice are key to any location use.  Every Chief Location Officer knows this.  Here’s a quick refresher:

Rule #1: You need permission to locate a mobile device. Permission, often called opt-in (from our old email marketing days), can be obtained in multiple ways, from a user tap on a device to replying Y to an SMS request to signing a contract or agreeing to utilize a service.  As long as the location use is clearly explained and well understood.

Despite the widespread coverage of privacy concerns in the media and the seemingly top-of-the-agenda efforts by our Congressmen, most mobile users are comfortable using mobile services that actively tap their location.  Most people do opt-in, most people allow apps to "use your current location."  Location makes the app or service work better, improves results and value, and makes life easier for many of us.

So long as location is not abused.

Ever since the first app was launched in 2007, mobile users' privacy rights regarding the collection, storing, and sharing of their personal data have been relatively ill-defined, but broadly respected, by the developer community.

Recent events have shed greater light on the need for standardized privacy policies and disclosure to protect users' privacy.  There are hundreds of thousands of apps and developers who follow the very best-in-class location policies and guidelines.  But a few awkward examples (and bad apples) can spoil it for the whole app orchard.  Last year, for example, Path was caught uploading users' address books to its servers without those users' knowledge. Another popular app, Color, soon was under scrutiny for being able to literally tap in to users' microphones without their permission, and CarrierIQ was found to be collecting data on users' keystrokes, texts sent, and numbers dialed.

But the majority of developers large and small do not want to shake the trust of their loyal customers.  With scrutiny on the rise, mobile apps are quick to point out that they don't spend their time reading users' texts or checking out their address book for fun, it's solely for data collection to help enhance their product.  Organizations such as the MMA and the CTIA have helpful guidelines for developers on LBS (location-based services), how to obtain consent form users, when to notify them, and the like.  But many felt such industry guidelines and self-policing antics were not enough.

Enter privacy policies. The need for enforceable codes of conduct and open disclosure for mobile applications have arisen. The Future of Privacy Forum (FPF) and the Center for Democracy and Technology released a publication with titled Best Practices for Mobile Application Developers. The paper includes guidelines and tips for making privacy policies comprehensive and easy to access for users, highlighting full disclosure to users and secure connections as must-haves.

Some companies (like mine, Locaid, the world's largest Location-as-a-Service company offering a location API for developers), have been following (and indeed, setting), conservative privacy policies and rules for years.  We welcome the new publications from policy setting groups.  Any CLO should.  Publications such as these are the first step towards standardizing privacy control for mobile applications, and federal rules and regulations are not far behind.   And for those looking to incorporate mobile location into apps, companies who use Locaid's location information technology won't need to change a thing. Why? Locaid realized the importance users' privacy from the beginning, and developed an iron-clad privacy policy that is third-party certified, protects users' data, and easy to understand.

Highlights of Locaid's Privacy Policy include:

  • Locaid requires developers to have consent from users of their location data collection.
  • Locaid requires that this consent collected via a comprehensible and non-misleading vehicle
  • Locaid encrypts location information when stored or transmitted by Locaid to ensure it doesn't get into the wrong hands, and requires its subscribers to do the same.
As the mobile frontier continues to develop, so will the requirements for data collection, sharing, and disclosure. Chief Location Officers should view privacy as a priority rather than an afterthought.
It's good for your customers, and good for your company and app.