FPF Privacy Guidance

FPF Privacy Guidance

Mobile Requirements

• Ensure that your privacy policy is adapted as needed for the mobile context (e.g., additional mobile-specific disclosures, concise language, text that can be read easily on a small screen).

• Platform Specific Privacy Rules

• If your app also runs on iOS, Android or another mobile platform, you are subject to additional privacy rules that differ depending on the platform. Reference our OS Developers & Device Manufacturer page for platform specific privacy requirements.

• Device Identifiers

• Your analytics or advertising network, or the SDK provided by those companies, may require that you provide a unique identifier so they can track and manage users. Providing identifiers, such as MAC addresses or device identifiers, has raised significant privacy concerns. You should ensure that any partners to which you provide identifiers properly protect them, such as by hashing, salting, and by providing users with the choice to opt out of tracking.

• In August 2011, Apple decided that it would phase out third party use of Unique Device Identifiers (UDID). If you are currently providing UDID to analytics or advertisers make that known to users as prominently and clearly as possible. At a minimum, describe this in your privacy policy. Its been suggested that iOS 6 provides alternatives to the UDID, however, iOS 6 has not yet been released to the general public.

• Check out our Device Identifier page for information on UDID alternatives.

• Useful Privacy Resources
  • FPF & CDT Mobile App Best Practices (pdf)
  • FPF’s App Privacy Guidelines page
  • PrivacyChoice Resource Center
  • April 2012 FPF & ADA Application Developer Summit video
  • W3C Web Application Privacy Best Practices