Policymakers are focused on bringing order to mobile apps. | REUTERS A code of conduct for apps

As smartphone-crazed consumers fiddle with Angry Birds and challenge each other on Words With Friends, policymakers are playing a different game: bringing order to mobile apps.

To Washington, the daily deals tools, social networks and other programs that consumers download onto their smartphones present new challenges to consumer privacy and security. Lawmakers are keenly aware of the horror stories of apps surreptitiously accessing user address books or broadcasting location data sans permission.


“There is an expectation of privacy when you use a mobile device, particularly when using an application that can collect and transmit personal information such as geolocation,” said Sen. Jay Rockefeller (D-W.Va.), chairman of the Senate Commerce Committee. There’s a “lot of work to do to make sure that consumers have control over what personal information is being collected about them and that companies respect consumer privacy.”

The result has been a classic Beltway power struggle: A cutting-edge-yet-still-neophyte industry boasting millions of dollars in revenue is looking to stave off regulation from the wary sheriffs on Capitol Hill and at regulatory agencies.

Here are the three key areas Washington is watching:

Protecting privacy

There’s no shortage of fodder for the feds who feel the smartphone app industry could use a little discipline.

In the past few months, apps for some of the tech industry’s top companies — Facebook, Path and Twitter — took considerable heat from lawmakers for copying user address books without permission, even though the functionality in most cases was meant to help users find their friends.

The Obama administration’s tech and telecom advisory arm is also setting its sights on mobile privacy, suggesting apps could be one of the first industries it targets as it helps industry adopt online privacy codes of conduct. The agency has not yet decided if it will actually tackle mobile or app issues, but app groups in Washington say the National Telecommunications & Information Administration has already made its interest in that area known — and that has some concerned that policymakers will rush in with misguided regulations.

Other apps caught flak for accessing photos on Android and iPhone devices without the knowledge of users.

Still others outraged privacy hawks, not because of the ways the programs functioned behind the scenes but for their explicit purposes — such as the app Girls Around Me, a tool that noted when women had checked in nearby on Foursquare and Facebook. It has since been pulled by its maker.

On a broad level, consumers are “maybe aware there are privacy implications of using smartphones, but I don’t think they get the value proposition there — getting free or low-price apps in exchange for their information,” said Justin Brookman, director of the Center for Democracy & Technology’s project on consumer privacy.

It’s just one of the reasons federal regulators are so primed to act.

The Federal Trade Commission last year issued its first settlements against app developers for running afoul of long-standing privacy rules protecting children under age 13. Members of Congress, meanwhile, have written letters over the past several months to app companies and smartphone makers asking about their information collection practices.

“I think mobile has to be part of the initial discussion … [but] as a first section we need to deal with, it establishes a false view that it’s really mobile where the issues lie,” said Morgan Reed, executive director of the Association for Competitive Technology. ACT works with app developers and counts Microsoft among its supporters.

Reed, whose group traveled to Washington for meetings with regulators this month, said the real issue is mostly where the data reside and with whom it’s shared — not that a mobile app was the conduit for that information.

Washington isn’t alone in its interest. California is taking a stand against what its attorney general, Kamala Harris, has seen as inadequate work by apps and their online stores to notify consumers of information collection practices. Under an agreement reached in February, six of the largest mobile companies have promised to require their apps to display privacy policies. Stakeholders most recently met in early May to discuss their progress.

Location tracking

While app stakeholders track the dual processes in Washington and California, privacy experts inside the Beltway are tracking a parallel debate over geolocation technology — the apps and other tools that can pinpoint a user’s location with surprising specificity.

A growing number of services — the most well-known of which is Foursquare — allow consumers to inform their friends of their whereabouts. Facebook and Twitter help users tag their posts with their locations. Others, such as the no-longer-available Girls Around Me, drew from sources without asking users’ permission.

Congress has already entered the debate, holding hearings on apps and geolocation privacy. Sens. Al Franken (D-Minn.) and Richard Blumenthal (D-Conn.) have introduced a bill that would generally require apps to seek permission before collecting and using location data. But the app industry is mostly hoping it can keep Capitol Hill out of the development of geolocation practices.

“My sense is that geolocation, like a number of other issues, is always going to be a sensitive topic no matter what kind of technology we’re talking about,” said Tim Sparapani, the senior adviser for policy and law with the Application Developers Alliance, a new group formed with support from Google, Research In Motion and others.

“So it’s incumbent upon the app industry to learn what happened from prior tech and build in the safeguards that we know a bunch of apps are [already] building,” he said.

More likely to drive debate, though, is the geolocation data that governments and law-enforcement agencies can obtain from users with smartphones — with or without apps. A key decision by the Supreme Court earlier this year cast into jeopardy the government’s legal rationale for obtaining geolocation data without a warrant, said Jot Carpenter, vice president of government affairs with CTIA, an association representing wireless companies.

That decision has resonated on the Hill, where a House subcommittee last week held a hearing on a bill that would set limits on how law enforcement can obtain and use geolocation data. It was the first such hearing on the proposal, which has a Senate counterpart.

The Senate Judiciary Committee has not yet scheduled a hearing on the topic, but supporters of geolocation legislation remain hopeful.

“The Supreme Court has practically begged Congress to step in and provide some clear rules for location tracking technologies,” said Sen. Ron Wyden (D-Ore.), one of the bill’s sponsors. He predicted the House effort “will help increase our momentum.”

Mobile wallet safety

The growing interest in turning smartphones into virtual wallets — storage units for digital credit cards, ticket stubs and IDs — has triggered another debate at the intersection of new technology and old federal rules.

While banks, credit card companies and tech giants spar over the physical means of making those kinds of transactions possible, regulators have started thinking about how old financial laws apply to the new ways of doing business — literally.

The broad issue of mobile payments prompted the FTC to hold a daylong workshop on the issue, focused in part on apps. Twice now, congressional committees have weighed mobile payments issues during hearings; the Senate Banking Committee is set to hold another hearing next month, a panel spokesman told POLITICO. Close watchers of the debate see every reason for the scrutiny to continue.

“I think the FTC is going to be involved, at least setting best practices for things like how data is handled and privacy policies for mobile apps, and that will likely to some degree involve mobile wallets,” said Daniel Castro, senior analyst at the Information Technology & Innovation Foundation.

Noting the wide array of actors in this space — banks, card issuers, tech companies and wireless giants — Castro said there simply “can’t be five different regulators setting the data standards for all of those.”

Apps are only a small portion of the broader conversation about mobile payments. But the industry has a great stake, Sparapani said.

“Virtually every bank, virtually every credit card, many merchants are all creating their own apps,” he explained of the digital wallet and mobile payment industry. “I think it’s a fight right now over market share and who gets to take the benefits of being the payment processors or the digital wallets, rather than that there is any clear need for any regulation and legislation.”

This article tagged under: Technology

Apps

Smartphones