Re: Privacy Design Guidelines by GSMA from Hannes Tschofenig on 2012-04-04 (public-privacy@w3.org from April to June 2012)

From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Date: Wed, 4 Apr 2012 10:41:22 +0300
To: Pat Walshe <PWalshe@gsm.org>
Cc: Hannes Tschofenig <hannes.tschofenig@gmx.net>, Richard Barnes <richard.barnes@gmail.com>, Karl Dubost <karld@opera.com>, Graham Lee <iamleeg@fuzzyaliens.com>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-Id: <E760A49C-16B0-4ED4-9E96-5678DAD55A55@gmx.net>

Hi Kasey, Richard, Pat, 

I looked at the document briefly. 

The guidelines are more or less identical to the existing privacy principles (like the OECD privacy principles). Nothing wrong with that. 

There are examples provided as well. That's good. 

My first impression: this is republishing existing privacy principles in a slightly different format. Many recommendations are common-sense (at least in theory) but a "a bit more difficult" in practice (e.g., 'keep data secure').

Here is the big question: Will this have any impact?

I personally hope it has even though I do not see the big difference to all the other privacy principles documents. I am wondering whether application developers are unaware of what controls they have to provide or whether these privacy controls are just not in their (business) interest. At least when I look at my mobile phone apps then I do get the impression that developers do not quite like data minimization... 

Ciao
Hannes

On Mar 26, 2012, at 12:25 PM, Pat Walshe wrote:

> Hi Richard,
> 
> Yes, the GSMA did talk to a lot of developers and others in the mobile ecosystem who commented on the guidelines during our public consultation on them last year. App developers we have talked to welcome guidance on this very important issue.  FYI - we also presented to the W3C on this issue. 
> 
> Here are what some carriers think about the guidelines http://www.vodafone.com/content/index/about/about_us/privacy/GSMA_applications.html & http://creatingapps.telekomaustria.com/operators-announce-initiative-for-mobile-app-privacy.html Also, here's some press commentary http://www.bbc.co.uk/news/technology-17178954 
> 
> Let's not forget that 'carriers' also develop apps for their customers and that those carriers connect an awful lot of people who trust their carriers.
> 
> You may be interested in this grass roots initiative, 'The App Makers Privacy Pledge' http://iamleeg.github.com/privacy-pledge/ which is fantastic to see.
> 
> Best wishes
> 
> Pat
> 
> 
> 
> 
> On 26/03/2012 10:11, "Richard Barnes" <richard.barnes@gmail.com> wrote:
> 
>> I'm a little puzzled here.  GSMA is an carrier association, not an app
>> developer association.  (And those are *very* *different*
>> communities.)  Did anyone actually talk to app developers about this?
>> 
>> On skimming, the content looks pretty non-controversial (at least for
>> this crowd), but I have serious doubts about a carrier-generated
>> document getting implemented by developers.  For example, the carriers
>> might be happy to say "don't collect personal information", since
>> their revenue streams don't depend on it; empirically, app developers
>> have a very different opinion.
>> 
>> --Richard
>> 
>> 
>> 
>> 
>> On Mon, Mar 26, 2012 at 11:03 AM, Karl Dubost <karld@opera.com> wrote:
>>> The GSMA organization has published guidelines for people creating mobile applications.
>>> There is at the beginning some definitions about the terms in the guidelines.
>>> 
>>>    Privacy: Privacy is a dynamic concept that can mean different things
>>>    to different people. For the purposes of these guidelines, privacy
>>>    is defined as the ability of individuals to know how their personal
>>>    information will be collected, shared and used, and to exercise
>>>    choice and control over its use.
>>>    — http://www.gsma.com/documents/privacy-design-guidelines-for-mobile-application-development/20008
>>> 
>>> Then follow a list of principles with for each of them
>>> 
>>> * Guideline
>>> * Implementation
>>> * Use Case and Examples
>>> 
>>> There is also a website http://www.gsma.com/mobile-and-privacy/
>>> 
>>> 
>>> --
>>> Karl Dubost - http://dev.opera.com/
>>> Developer Relations, Opera Software
>>> 
>>> 
>> 
>> 
>> 
> 
> This email and its attachments are intended for the above named only and may be confidential. If they have come to you in error you must take no action based on them, nor must you copy or show them to anyone; please reply to this email or call +44 207 356 0600 and highlight the error.
>

Received on Wednesday, 4 April 2012 07:42:06 UTC