New House privacy bill will require apps to gain consent before sharing personal data

New House privacy bill will require apps to gain consent before sharing personal data

Summary: A new House of Representatives bill, designed to securely maintain user data and simplify app privacy, will including provisions allowing users to demand that their data is deleted once it is no longer used.

SHARE:
1

A new privacy bill would require application developers to explicitly gain consent before obtaining data from consumers, and compel them to securely maintain that data in accordance with mandatory privacy policies.

iphone-apps
Many app-related controversies have centered around the iPhone and iPad, as one of the most popular platforms for app developers. (Image: CNET)

Rep. Hank Johnson (D-GA) brought the bipartisan Application Privacy, Protection and Security (APPS) Act 2013 to the floor of the U.S. House of Representatives on Thursday in a bid to bolster confidence in the desktop and mobile apps market, which has been at the center of a number of privacy storms in the not-so-distant past.

In the last year alone:

This is just to name a few, and politicians on both sides of the political fence are tired of it. 

The bill, if passed, would require that app developers display privacy policies and require consent from users before the app is even used. In some cases, apps already require this — many in-built Apple iPhone and iPad apps display a terms of service message and require users to sign off on it before they continue. 

Such policies would also have to explain whether their data could or will be shared with third parties, such as advertising networks. And, if a user stops using an app, they can compel the app developer to delete any data held on them. The U.S. Federal Trade Commission would enforce these privacy rules, the bill states.

A note of the key provisions states: "A developer would also maintain a data retention policy that notifies the user how long data is stored, and how to delete or opt out of data collection." Data retention policies are commonplace in the EU as a result of a European directive inscribed in member state law, but some privacy groups are opposed to mandatory data retention for ISPs, but it's not immediately clear whether this would be widely received or not.

In a House floor speech, Johnson said: "We lack basic rights to control how and how much data is collected on our phones and tablets. Data has become the oil of the 21st century, and like any other resource there must be common-sense rules of the road for this emerging challenge."

Johnson said he "learned from CISPA and SOPA," both of which caused considerable controversy, and that he "wanted to build something the right way."

Topics: Privacy, Government US

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • Better than CISPA or SOPA

    It is fondly to be hoped that this bill gets through without being corrupted by anti-consumer and anti-Fifth-Amendment changes from the entertainment lobby. The problem with both those bills was that they allowed PRIVATE entities to conduct illegal searches and seizures and punish possibly innocent people extrajudicially.
    jallan32