Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Evan Schuman: What to include in your mobile privacy policy

Evan Schuman | Jan. 8, 2014
If your company doesn't yet have a mobile-specific privacy policy, it's time to get to work.

This incident highlights another problem that a good mobile privacy policy should address. The chain's mobile vendor for the trial was collecting a lot of customer-specific data. In an attempt to avoid customer backlash, the agreement stated that the vendor would not share that data with Nordstrom. Unintended consequence: It made the backlash much worse. Nordstrom was getting the heat for accessing data that it was never able to access.

The moral of that story: If mobile data is collected, you will get blamed, no matter whether you see the data or not.

Your mobile policy has to address what you will allow vendors to collect about your customers, your employees and your partners. It should spell out how much of that your company should see. It should lay to rest the question of whether third parties will be allowed to collect data that you won't see. It needs to establish how you will inform your customers, employees and partners about this data collection, if at all. (There are legitimate arguments on both sides.) And you need to make your policy precise enough to be useful while not being so detailed that it is incomprehensible to people who aren't that technical.

There are few areas that are more complex, more controversial and more politically dangerous than mobile data collection. You may find that simply having these conversations will change not merely your policies, but your strategy and how you approach it.

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.