Ad industry self-regulators want mobile app developers to provide better notice of data collection and usage to consumers and today are unveiling guidelines for doing so. Both the Digital Advertising Alliance, which leads the industry's pervasive targeted ad privacy program, and the Network Advertising Initiative, which counts third party ad networks and exchanges as its members, are set to publish complementary new mobile data rules today.
Ad Industry Groups Intro New Rules for Mobile Data Collection
Government is bearing down on mobile marketers and their data collection habits, and the ad industry aims to get out in front of the issue. However, despite the new guidelines, which will address how marketers notify users when data is collected via mobile apps, details for implementation and compliance monitoring remain undetermined. Enforcement is a ways off, too.
Digital Advertising Alliance members will be required to present users with a standard notice of mobile data collection for advertising purposes -- most likely the DAA's AdChoices icon, a ubiquitous symbol in display advertising today. Clicking that icon will probably launch its own app which would let users choose whether to allow companies to collect cross-app data, location information and directory data.
The NAI is unveiling a similar program today. While the DAA code applies to first-party data collection, the NAI's requirements are for its third-party ad network and exchange members which gather information across websites and mobile applications for ad targeting.
"One of the greatest challenges is going to be compliance accountability and enforcement," said Marc Groman, executive director and general counsel at the NAI. "We audit every [NAI] member every single year and we have a crawler that monitors all members in the desktop space," he said, acknowledging that translating that compliance monitoring to mobile will be "incredibly challenging." Mr. Groman said developing technologies for monitoring will take six to nine months.
DAA General Counsel Stu Ingis is less concerned about technical implementation. "It's complex. I wouldn't use the word 'challenging' though," he said.
Both the DAA and NAI are in the process of choosing companies to develop monitoring systems. Evidon and Truste, firms that help advertisers comply with the DAA Ad Choices program, are running pilots for the DAA's mobile monitoring, said Mr. Ingis.
It is unclear when either organization will actually enforce their new guidelines.
Government has considered its own regulations for mobile data privacy, though not much has come of any federal or state initiatives yet. Sen. Al Franken, D-Minn., in 2011 introduced his Location Privacy Protection Act which passed Senate Committee though has yet to be re-introduced in the current Congress. The bill would require companies to obtain consent before collecting or sharing a user's mobile-location data.
The Obama administration has also taken a stab at protecting mobile privacy. The National Telecommunications and Information Administration will convene stakeholders to discuss a standard for mobile-app privacy notifications this week in Washington, D.C.
California also has partnered with companies including Apple, Google and Facebook to help ensure mobile app developers offer consumers more information about data collection.
The DAA and NAI guidelines apply only to data collected for advertising purposes while these other initiatives likely would apply to a broader set of data collection uses.
"I think that it's really incumbent on industry to get this right," said Mr. Groman. "Policy makers on both sides of the aisle are particularly focused on mobile privacy and location privacy…. As we get more innovative I think it's really incumbent on us to bake privacy by design in from the start."