Just over a year ago, the US National Telecommunications and Information Administration (NTIA) published a code of conduct setting out practices for disclosing the information collected by consumer-oriented apps.
The idea was to provide users with a short form notice of data collection, similar to the nutrition information panels that appear on breakfast cereals and other foods.
The notice would advise whether biometric, browser history, phone or text log, contact, financial, location, or health, medical or therapy data were collected, in addition to any user files.
For example, a picture editor would reasonably want access to photos on the device, but you wouldn't expect it to upload them without your express consent. (Although what a developer says its app does and what it actually does aren't necessarily the same thing.)
The notice would also reveal whether user-specific data is shared with certain third parties, including ad networks, consumer data resellers, government entities - except where required by law or expressly permitted in an emergency - and social networks.
One of the first companies to implement data privacy short notices is AVG, which has added the notices to the About section of AVG AntiVirus for Android, AVG PrivacyFix and AVG Cleaner.
Short notices will be added to AVG's other apps over the coming months.
"Transparency and choice are foundational elements to establishing user trust. Providing these in the mobile environment is even more challenging because of the form factor constraints, so that's why we're pioneering the effort to make mobile privacy notices shorter, simpler and easier to understand," said AVG chief legal officer Harvey Anderson.
"Our AVG Short Data Privacy Notice is one step in the evolution of the old notice and consent model that will over time become the standard in all app and desktop environments."