Mobile app developers should pay close attention to the current controversy over smartphone data privacy. Would-be whistleblowers say modern smartphones -- including the iPhone and all models of Android phones -- track and store an ongoing record of wherever their owners travel, even when no applications that require location data are running. Prominent lawmakers have questioned Apple and Google for clarification of their location-tracking policies, while the allegations have already spurred a class-action lawsuit against Apple in Florida.
For their part, smartphone makers deny the charges. Apple this week issued a Q&A document addressing the issue, stating, "Apple is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so." Even Microsoft, in a preemptive move against any similar allegations, issued a document detailing some of the location data policies of Windows Phone 7.
But location data is just some of the sensitive information found on smartphones. The typical user's phone might also contain contact information for friends and colleagues; dates and times of past meetings and future appointments; photographs and videos; and details of who the user contacted and when, whether it was via voice, email, SMS, IM, or social networking -- often including a verbatim transcript of the message.
[ Before the iPhone location "scandal" broke, InfoWorld's Galen Gruman warned mobile developers to not abuse location data. | Bill Snyder argues that Silicon Valley firms have learned they can get away with stonewalling users on issues like location privacy. | Subscribe today to the Developer World newsletter. ]
Mobile apps can analyze and manipulate this data for all kinds of useful purposes; that's their greatest value. But it also means app developers bear every bit as much responsibility for users' privacy as the smartphone manufacturers themselves. If they don't treat that responsibility with sufficient respect, they stand to suffer the same backlash.
What's the big deal?
It's easy to discount consumers' concerns by citing the realities of the mobile app market. App buyers are a frugal bunch. The average app on the iTunes App Store retails for less than $5, while in the Android Market, free seems to be the preferred price point. As a result, developers often must turn to alternate sources of revenue to fund their products -- and if that means pushing a little location-based advertising, where's the harm?
What's more, access to user data on smartphones is on a strictly opt-in basis. Before an app can be installed, the user must first approve a list of permissions outlining exactly which data and phone functions the app intends to access. Everything is disclosed up front and in plain English.
From the user's perspective, however, these arguments sound disingenuous. When every week seems to bring another news story about a data breach resulting in the theft of customer data, customers are growing increasingly jealous of their privacy. Given the unique nature of the data to be found on smartphones, it's only natural that they have begun to view mobile apps with a skeptical eye.
For example, on the Amazon Appstore for Android, the game Farm Frenzy normally retails for $1.99, and for a limited time it was available for free. By some accounts it's an addictive diversion. Nonetheless, Farm Frenzy has more one-star ratings than all other ratings combined. The typical one-star review reads like this one, from Paul Wilson of Dallas: "No way will a game have access to my contact list or call log. Next they'll want me to send them a key to my house so they can go through my bank and tax statements."