Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Third-party apps are the weakest link in user privacy on smart phones. They often get access to large quantities of user data, and there are few rules covering how they must handle that data once they have it. Worse yet, few third-party apps have a privacy policy telling users what they intend to do.

That was the message delivered at a hearing of the U.S. Senate committee on Commerce, Science, and Transportation held yesterday. Companies and regulators are struggling to find ways to ensure that user data is handled properly by apps installed on smart phones, but the way apps are designed makes this difficult.

Mobile privacy has come under extreme scrutiny since revelations that Apple’s iPhone and Google’s Android software collect and store users’ location data. Last week, a U.S. Senate subcommittee questioned those two companies on their handling of personal data. This week, Facebook joined Google and Apple on the hot seat.

But all three companies run platforms that support thousands of third-party developers, and how to make sure those apps respect users’ privacy, and explain their rules, is a major question. Sen. Mark Pryor (D-Arkansas) said at the hearing, “It’s not clear that Americans understand how their information may be shared or transferred.”

The hearing also highlighted several reasons why it’ll be difficult to control what apps are doing with user data. It’s not clear which laws should be used to regulate third-party apps, and, in some cases, it’s hard to design proper technical requirements. “There’s no privacy law for general commerce whatsoever,” said Sen. John Kerry (D-Massachusetts). “Data collectors alone are setting the rules.”

A major initiative designed to improve consumer privacy on the Web—the proposed “Do Not Track” bill—could be hard to apply to mobile devices, regulators said. The bill would allow consumers to opt out of having their online activity tracked.

0 comments about this story. Start the discussion »

Credit: Technology Review

Tagged: Communications, Google, Apple, Facebook, mobile, privacy, apps

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me