The recent hacking of Twitter accounts has heightened the concern many people feel about the privacy and security of mobile applications. Those concerns might have been part of the motivation for the bill introduced May 9th by Representative Hank Johnson (D-GA).  The bill, H.R. 1913, is called the “Application Privacy, Protection and Security (APPS) Act 2013.” (see Zack Whittaker’s article, “New House privacy bill will require apps to gain consent before sharing personal data”; http://www.zdnet.com).

The Congressman’s bill, if enacted, would require that application developers comply with the following:

  1. Gain explicit consent from consumers before the application is used;
  2. Gain explicit consent from consumers before gathering personal from them;
  3. Maintain the personal data that is collected in accordance with mandatory privacy policies;
  4. Display their privacy policies; and
  5. Have privacy policies that explain the following:
  • how personal data would or could be shared with, for example, third parties for advertising or marketing purposes;
  • how long the personal data will be retained; and
  • how consumers can either opt out of data collection and/or ask that their data be deleted if they stop using the application.

H.R. 1913 embodies many core privacy principles.  It’s impossible to predict any bill’s chances on the very long road to being enacted into law.  Regardless of whether it gets enacted, H.R. 1913 is very helpful in focusing greater attention on privacy and security issues associated with mobile applications.