California once again is looking to flex its muscles as a trend-setter in national politics and policy – this time in the area of protecting consumer privacy in the rapidly accelerating era of mobile commerce and Big Data.
Attorney General Kamala Harris – the top legal officer in a state that is home to Silicon Valley’s internationally renowned innovation in online and mobile commerce – issued a policy paper last week that provides important clues about how national discussions about mobile privacy are likely to unfold. The 22-page report – “Privacy on the Go: Recommendations for the Mobile Ecosystem” – comes nine months after the Federal Trade Commission released its two-year privacy study that mapped out key principles to make privacy the “default setting.”
As I noted at the time, the message to the industry from the FTC’s report was clear: If you don’t protect individual privacy, government will. The message from the California policy is equally noteworthy: If the issue bogs down in Washington, California will pick up the pace. The issue is of timely and critical importance because best practices in mobile commerce are still in their infancy. Players of all types – app developers, platform developers, mobile advertisers, mobile carriers, device makers, and others – are wrestling with how to stimulate innovation and mobile commerce without scaring off customers who recognize that businesses and governments have the ability to collect and study what they buy, where they go, how much they spend, and what they crave.
To date, entrepreneurs in Silicon Valley and the tech industry in general have chosen to take an “opt out” approach that requires consumers to understand and evaluate their risks. To the industry, an “opt in” approach puts profitability at risk because it is hard to overcome consumers’ anxiety, their lack of understanding, and their practical desire to avoid dealing with legal details. The California attorney general’s approach acknowledges and assents to the industry’s preference for the opt-out approach but seeks to empower consumers with more information and control over their data. Among the key recommendations specifically aimed at app developers, platform providers, mobile ad networks, operating system developers, and mobile carriers:
- Don’t collect unnecessary data in the first place. Avoid or limit the collection of data that’s not relevant to the basic functionality.
- Advise customers repeatedly and meaningfully. Provide “special notices” that flag customers’ attention to privacy controls and enable them to make “meaningful choices” about safeguarding their data.
- Don’t insinuate yourself on the consumers’ phones surreptitiously. The attorney general advises ad networks to avoid modifying a consumer’s browser settings or placing icons on their phone.
- Give consumers easier controls. The attorney general urges developers of operating systems to create easy-to-use one-stop settings that enable users to control what data multiple apps can access.
Complying with policies like this will address the legal part of the problem that involves prosecutors like the California attorney general. It is equally important to win in the court of public opinion when mistakes happen and companies seek to limit damage to their brands. Part of that answer is to proactively build trust among customers that can endure those episodes – a topic Javelin covered in “10 Trends for Financial Services in 2013.”