September 05, 2012

FTC offers guidance for mobile application development

As enterprises expand their roll-outs of mobile applications, the Federal Trade Commission wants them to be mindful of the privacy and security ramifications that go along with these advancements.

The consumer protection agency on Wednesday released new guidelines covering a number of risk vectors around application development for smartphones and tablets.

On the privacy front, the FTC advised organizations to consider privacy from the start; be transparent about data practices; provide users with choices to control their information, such as opt-out settings and collect information only after gaining consent. In addition, the agency asked businesses to live up to their privacy promises, or they may face FTC charges, which could result in fines.

"What if you decide down the road to change your privacy practices?" the document said. "You'll need to get users' affirmative permission for material changes. Just editing the language in your privacy policy isn't enough in those circumstances. And while you're taking another look at your privacy promises, read them with users in mind. Is the language clear? Is it easy to read on a small screen? Are you using design elements -- color, fonts, and the like -- to call attention to important information?"

The FTC also recommended that developers focus on security, such as ensuring applications only collect pertinent information, are protected against obvious risks and properly dispose of information when it's no longer needed.

The advice comes as enterprises gear up for significant application investments in smartphones and tablets in an effort to increase employee productivity and respond to customer demands.

A recent report from analyst firm Gartner predicted that application development (AD) projects for mobile devices will outnumber traditional app projects by a 4-to-1 ratio in three years.

"Emerging mobile applications, systems and devices are transforming the AD space rapidly, and are one of the top three CIO priorities at the enterprise level," the firm said. "Gartner research found that CIOs expect more than 20 percent of their employees to use tablets instead of laptops by 2013, hastening the process of change as AD tools and applications evolve to address the requirements of these new devices."

Related Articles
Related Topics
Related Links

Sign up to our newsletters

More in News

House Intelligence Committee OKs amended version of controversial CISPA

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help in ID'ing alleged hackers

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.