Mozilla has always been a friend of the Internet. The non-profit puts the user first and they made that even more clear when the corporation came out against CISPA last week. Now, it's no secret that Mozilla is developing an app store called the Mozilla Marketplace and Mozilla wants developers to make sure they aren't keeping any secrets either.
As part of Mozilla's statement on user data, they say that app developers must design their app or add-on so that "what you actually do with user data is what users think you are doing with it." Another is that developers must give users much of the control over their data whenever they possible. One suggestion is "giving [the user] the choice to opt-in to or opt-out of data collection." As a final tip, they tell app developers to limit data collection to only what they need.
On a related note, they encourage app developers to design apps with the user's privacy in mind from data collection and storage to its use. When your app raises concerns in regards to privacy, they also want developers to respond to user questions.
A big one that I'm sure many people can get behind is "Avoid secret updates." It's the shortest privacy guideline on the list, but also the most powerful. Almost every app on my Android gets regular updates, but a few of them never tell me what is being updated. Stability is not an update, tell me exactly what you're updating.
Of course, we can't talk about privacy and sharing of data without talking about social networks. Apps need to have social network integration for the people who love sharing every moment of their lives, but not everybody is comfortable with that level of sharing. That's why app developers need to make the use of social features transparent for those who fall into the latter. Developers should also give users the choice to shut off social sharing entirely.
Does your app communicate with you or anyone else in any way without express user consent? (Y/N)
Are all your app's online communications encrypted? (Y/N)
Does your app use behavioral or location based advertising?(Y/N)
To use the core features of your app, do users need to log in or connect to an account or identity aside from a user’s Persona account? (Y/N)
Think of a world where our government, or any government for that matter, applied these same privacy guidelines to its citizens. We could have better cyber protection and a comprehensive digital bill of rights. While the U.S. keeps on talking about implementing a "Do Not Track" button, it will probably do little to actually protect your privacy online.