NTIA Releases Short Form Code of Conduct Notice for Mobile App Transparency | Practical Law

NTIA Releases Short Form Code of Conduct Notice for Mobile App Transparency | Practical Law

The US Department of Commerce's National Telecommunications and Information Administration (NTIA) has released a Short Form Notice Code of Conduct to Promote Transparency in Mobile App Practices.

NTIA Releases Short Form Code of Conduct Notice for Mobile App Transparency

Practical Law Legal Update 7-535-9325 (Approx. 4 pages)

NTIA Releases Short Form Code of Conduct Notice for Mobile App Transparency

by Practical Law Intellectual Property & Technology
Published on 01 Aug 2013USA (National/Federal)
The US Department of Commerce's National Telecommunications and Information Administration (NTIA) has released a Short Form Notice Code of Conduct to Promote Transparency in Mobile App Practices.
On July 25, 2013, the US Department of Commerce's National Telecommunications and Information Administration (NTIA) released a Short Form Notice Code of Conduct to Promote Transparency in Mobile App Practices intended to promote transparency in mobile app practices concerning the collection and sharing of consumer information with third parties. The code was developed through the Department of Commerce's Multi-stakeholder Process on Application Transparency and incorporates guidance from a variety of sources, including:
  • Privacy groups.
  • Civil liberty groups.
  • Consumer advocates.
  • App developers.
  • App publishers.
The code requires participating app developers and publishers to ensure that their short form notices describe:
  • Whether the app collects any of the following types of data:
    • biometrics;
    • browser history;
    • phone or text log;
    • contacts;
    • financial information;
    • health, medical or therapy information;
    • location; and
    • user files.
  • A means of accessing a long form privacy policy, if one exists.
  • Whether the app shares any user-specific data with any of the following categories of third-party entities:
    • ad networks;
    • carriers;
    • consumer data resellers;
    • data analytics providers;
    • government entities;
    • operating systems and platforms;
    • other apps; and
    • social networks.
  • The identity of the entity providing the app.
The code also requires:
  • That the short-form notice comply with certain design elements.
  • Participating app developers and publishers to provide consumers with ready access to each participating app's data usage policy, terms of use or long form privacy policy and an explanation of the app's data retention policy, in each case if they exist.
The code of conduct is limited to short form notices concerning collection and sharing of consumer information with third parties. It notes that there may be other regulatory or privacy laws, such as California's Online Privacy Protection Act, which require app developers to also post a long form privacy policy.
For more information on mobile app privacy issues, see Practice Note, Mobile App Privacy: The Hidden Risks. For a long-form mobile app privacy policy, see Standard Document, Mobile Application Privacy Policy.