The findings presented in an article by German magazine Computerwoche published on Feb 11, 2014, are a forceful reminder that messages about excessive data capture via mobile apps seem to have gone unheeded so far. As reported, tests by TÜV Trust IT established that “almost one in two mobile apps suck up data unnecessarily”.
What’s “unnecessary” of course depends on your viewpoint: it may seem unnecessary to me if my mobile email app captures my location; the provider of the app, on the other hand, could be capturing the information to provide me with a better service and/or to make money from selling such data to a third party. The trouble is that I don’t know, and I don’t have a choice if I want to use the app. From a consumer perspective, this is not a satisfactory situation; I’d even go as far as calling it unacceptable. Not that it matters what I feel; but privacy advocates and regulators are increasingly taking notice. Unless app providers take voluntary measures, they may see their data capture habits curtailed by regulation to a greater degree than would otherwise be the case.
Let’s step back a moment and consider why so many mobile apps capture more data than is strictly speaking necessary for the functioning of the app:
This morning, as I was writing this blog post, I got an email from one of my colleagues, saying "Is it weird that since Google bought Nest, I no longer want one?" Her sentiment isn't that unusual because, as it turns out, plenty of people feel like Google + Nest = HAL. (It's hard to miss the resemblance)
My colleague Frank Gillett just published a post outlining a collection of ten key thoughts about the acquisition. As the privacy-identity-personal data wonk advising Forrester's marketing strategy clients, I thought I'd drill down on some of the more salient points for those issues.
Data Privacy Day is on January 28. But isn't all hope lost when it comes to the P-word? Interestingly, Daniel Solove is one key expert who doesn't think so: His recent Year in Privacy roundup sounds a number of positive notes, largely having to do with regulatory pressure driven by public pressure. In the age of the customer, we really can see "water wear away stone" when ordinary people demand change.
My colleague Fatemeh Khatibloo recently published some must-read research on contextual privacy: a framework for negotiating the collection and use of personal data that ensures a fair value exchange for both the customer and the business. Don't miss the blog post where she lays out some takeaways:
Privacy isn't dead, it just needs redefining.
Privacy will be a market differentiator.
Privacy technology will disrupt the marketing ecosystem.
As 2013 comes to a close, it's clear to me that much of the rhetoric about privacy's death was not only premature but downright wrong. Just in this past week, there have been several events that point to how very alive and critically important the topic of privacy is:
The US Senate Committee on Commerce, Science, and Transportation released a report (in advance of a public hearing) about the practices of the data brokerage industry, and how they impact consumers. The report claims that "data brokers operate behind a veil of secrecy, subject to limited statutory consumer protections." This certainly portends the possibility of new legislation being introduced by the committee in 2014.
US District Court Judge Richard Leon ruled that the bulk collection of millions of Americans' call records likely violates the Fourth Amendment of the Constitution. While conflating surveillance with marketing privacy is a dangerous thing, I suspect that this ruling will draw further attention to the volume, scale, and methods of data collection, irrespective of who's doing the collecting.