That was the message delivered at a hearing of the U.S. Senate committee on Commerce, Science, and Transportation held yesterday. Companies and regulators are struggling to find ways to ensure that user data is handled properly by apps installed on smart phones, but the way apps are designed makes this difficult.
Mobile privacy has come under extreme scrutiny since revelations that Apple’s iPhone and Google’s Android software collect and store users’ location data. Last week, a U.S. Senate subcommittee questioned those two companies on their handling of personal data. This week, Facebook joined Google and Apple on the hot seat.
But all three companies run platforms that support thousands of third-party developers, and how to make sure those apps respect users’ privacy, and explain their rules, is a major question. Sen. Mark Pryor (D-Arkansas) said at the hearing, “It’s not clear that Americans understand how their information may be shared or transferred.”
The hearing also highlighted several reasons why it’ll be difficult to control what apps are doing with user data. It’s not clear which laws should be used to regulate third-party apps, and, in some cases, it’s hard to design proper technical requirements. “There’s no privacy law for general commerce whatsoever,” said Sen. John Kerry (D-Massachusetts). “Data collectors alone are setting the rules.”
A major initiative designed to improve consumer privacy on the Web—the proposed “Do Not Track” bill—could be hard to apply to mobile devices, regulators said. The bill would allow consumers to opt out of having their online activity tracked.