Can an App Do That?

From CFPWiki

Jump to: navigation, search

Thursday, 11:15 a.m., webcast at

This panel will discuss what types of responsibilities platform providers and application developers may have vis-à-vis user privacy. Are privacy and openness antithetical? What is the role that the market, regulatory agencies, and/or Congress should play in establishing these responsibilities and best practices?


  • Ryan Calo: Senior Research Fellow at the Center for Information and Society, Stanford Law School. Moderator.
  • Chris Conley: Technology and Civil Liberties Fellow, ACLU of Northern California.
  • Ian Glazer: Senior Analyst of Identity and Privacy Strategies, Burton Group.
  • Jennifer Lynch: Lecturer in Residence & Supervising Attorney, Samuelson Law, Technology & Public Policy Clinic, U.C. Berkeley School of Law.
  • Erica Newland: Policy Analyst, Center for Democracy & Technology.
  • George Scriban: Senior Global Strategist, Microsoft Corporation.
  • Tim Sparapani: Director, Public Policy, Facebook.

Detailed Description

In the past two years, applications built for devices and services that range from smart phones to Personal Health Records to Web portals for Smart Grid users have become an increasingly important part of the online experience. These applications are usually offered by third parties, parties distinct from the entity offering the base service, and unknown to many Internet users, they can often collect large amounts of data from the devices on which they are downloaded and the services with which they integrate. Often this data includes location information, which can be highly sensitive and easily abused. The potential for widespread data collection is not limited to the consumer space: in the Personal Health Record (PHR) space, for example, applications designed to interface with PHRs may collect and use substantial amounts of health data.

The application boom has not been accompanied by similar growth in privacy protections for Internet users. There is little in the way of a roadmap for application store operators, application developers, or application users to guide how privacy can or should be built into the application development process and user experience. This panel seeks to explore the challenge and promise of creating such a roadmap. The views of companies that have opened their platforms for applications, developers, and advocates will all be represented on the panel, providing a unique opportunity for dialogue. The moderator will lead the panelists through four interconnected topics: the responsibilities of platform providers with respect to user privacy and the challenges and tradeoffs of offering a vetting process; the responsibilities of application developers with respect to user privacy and the appropriate level of accountability for developers; how best practices that have been used in other arenas online can be incorporated into the platform design, application development, and vetting processes; and the role that the market, regulatory agencies, and/or Congress should play in establishing these responsibilities and best practices. Finally, questions from the audience will be answered.