Recently the GSMA published a document promoting a user-centric privacy framework for the mobile eco-system in response to the convergence of the mobile and web industries and the need for a “robust and effective framework for the protection of privacy, where users can continue to have confidence and trust in mobile applications and services”.

The GSMA represents the interests of mobile operators worldwide, uniting nearly 800 operators with more than 250 companies in the broader mobile ecosystem, including handset and device makers, software companies, equipment providers and Internet companies, as well as organisations in adjacent industry sectors.

GSMA is taking a lead in providing a self-regulatory set of principles (Principles) that they want their members to adhere to – indeed the Mobile Privacy Principles are stated to apply to every “responsible person” defined in the Principles as “the relevant service or application provider, the mobile operator, the handset manufacturer and the operating system or other software provider” and “even other users [that] can have an impact, particularly within social media applications”.

The Principles are intended to create a framework that identifies in broad terms privacy standards that mobile users can expect which the Principles refer to as “privacy outcomes”.   

The majority of the Principles set out in the GSMA document mirror existing international privacy principles such as transparency, notice, purpose and use, choice and control, data minimisation and retention, security and accountability.

It is good to note that the GSMA document particularly draws attention to the requirement for “responsible persons” to provide education to users as to how their personal data can be controlled by them and also focuses on the need to provide claim language information to children and adolescents.