The GSMA has reinforced its commitment to protecting the privacy of mobile app users by introducing its new Accountability Framework.
The industry body said it hopes the framework will be adopted by all players in the mobile ecosystem.
Eight major European operators are already implementing GSMA Guidelines that hold them directly accountable for securing the privacy of all customers using their own-brand mobile applications.
The Accountability Framework adds teeth to the Guidelines introduced in 2012.
The core elements of the Framework include: organisational commitment by senior managers to ensure Guidelines are implemented consistently throughout the company; internal programme controls to inform employees on how to implement policies and for customers to report privacy-related complaints and incidents; enforcement for noncompliant organisations – continuous non-compliance or serious breaches will lead to appropriate sanctions.
The Accountability Framework is in direct response to calls for greater responsibility and accountability in app. privacy explained Tom Phillips, chief government and regulatory affairs officer, GSMA.
“If adopted across the mobile ecosystems, the Guidelines and Framework would help ensure consistent and comprehensive levels of protection for consumers across multiple platforms.”
The aim of both initiatives is to incorporate privacy protection into the mobile apps design and development processes and address growing user concern about personal data on social networking sites and cloud services.
One problem Mark Little, principal analyst, Ovum told Mobile Europe, is that so far this only applies to operators’ own branded applications which are not the most used.
While applauding GSMA efforts to get widespread adoption, he is concerned that it will be difficult to enforce compliance throughout the whole ecosystem.
Little suggested: “It may be difficult to get application developers and OTT players to sign up as doing so will have a negative impact on their business model by potentially bringing them into conflict with data protection agencies. Many players are interested in collecting as much personal data as possible.”
European regulators have quite sharp teeth and are introducing top down policies but there is a grey area between regulations, bottom up standards and consumer acceptance where application developers and OTTPs can legally play he continued.
That mobile app privacy is an important public policy issue is undoubted: the EU is due to issue an opinion on the subject in February.