The App Quality Alliance (AQuA) in June added privacy-related recommendations to its mobile application development Best Practice Guidelines in light of increasing worldwide consumer privacy regulations. The new recommendations in Version 2.3 of AQuA’s Best Practices Guidelines are designed to help mobile developers address topics such as users’ rights, location data, and information security and accountability.
AQuA, a nonprofit mobile industry trade association, is comprised of eight member organizations: AT&T, LG, Motorola, Nokia, Oracle, Orange, Samsung and Sony Mobile. In March 2011, the first version of AQuA’s Best Practice Guidelines was released.
However, using the latest version of the guidelines, developers can now also navigate privacy requirements during their application development and QA processes. “The Best Practices are what you can use when you’re designing your application, and trying to work out how you should approach some of these aspects so you can avoid any errors in the early design stage,” said AQuA chairman Martin Wrigley.
“Rather than just relying on testing at the final stage, it’s far more efficient in the development process to get it right from the very beginning.”
AQuA incorporated consumer privacy-focused recommendations into its Best Practice Guidelines by working directly with the GSM Association (GSMA), a mobile industry organization that comprises more than 400 mobile carriers. Wrigley said AQuA looked to GSMA’s Mobile Privacy Initiative, which is designed to help establish universal mobile development guidelines and approaches that address consumer concerns.
In 2012, the GSMA Mobile Privacy Initiative published the GSMA Privacy Design Guidelines for Mobile Application Development, which details 29 specific guidelines to help mobile developers in the area of consumer privacy. Wrigley said some of these were incorporated into AQuA’s guidelines.
“We’ve incorporated the guidelines from the GSMA for mobile privacy because we feel that it’s important to have all this crucial information brought together in one place,” he said. “What we’ve done is show that, by working with other organizations, we can bring together a single set of best practices.”
The inclusion of the GSMA mobile privacy recommendations within AQuA’s Best Practice Guidelines “further reinforces the importance of consumer privacy as part of the app-design process,” according to Pat Walshe, director of privacy for public policy at the GSMA. “Privacy-by-design is key to winning and keeping the trust of app users,” he added.
Wrigley said it was at GSMA’s Mobile World Congress (MWC) conference in 2012 where AQuA first considered including recommendations regarding consumer privacy in its application quality-focused Best Practice Guidelines. “We were doing some sessions with developers and, as you know, privacy is a hot topic at the moment,” he explained.
“Discussion came up on privacy, and we were asked if our Best Practices cover privacy issues; we were being asked what developers should do.”
Wrigley said that when MWC attendees asked him what developers could do about privacy, his first impression was that it was a difficult topic because every country or state has its own jurisdiction. “But it comes down to…a number of good guiding principles that you can use, which actually then automatically satisfies the legislation in just about every single area, no matter whether if it’s Californian legislation or EU legislation,” he explained.
“The same underlying principles of transparency and control, paying attention to what you’re doing with the data and how you hold it, making sure that your users are educated in what you’re doing with their data, these sorts of principles are universally applicable.
“And that is what’s reflected in the Guidelines, giving developers a solid base from which to design their application, which should put them in a very good position to actually satisfy any legal requirements that they are hit with.”