The Digital Advertising Accountability Program released the results of two reviews of popular mobile apps that allowed ad tech companies to collect device and behavioral data from their users without first meeting industry privacy standards. Both companies, WiFi Map LLC and Ipnos Software Inc., eagerly adopted the Accountability Program’s recommendations and came into compliance with the Digital Advertising Alliance’s Self-Regulatory Principles.

The BBB National Programs’ Accountability Program examines popular mobile apps for compliance with the DAA Principles, which chiefly focuses on providing extra insight into and options about targeted online ads. In the course of its monitoring efforts, the consumer privacy program developed concerns with WiFi Map and Ipnos’ Relax Melodies.

“These app publishers obviously care a lot about their apps, and they want to do the right thing for their users. But in both cases, we noticed that some privacy issues had made it out of development and into production,” said Jon Brescia, VP of the Accountability Program. “Once we got in touch, both Ipnos and WiFi Map really demonstrated that they were highly responsible and user-focused, and they implemented all of our recommendations in record time.”

Don’t Doze on Data Privacy

Ipnos is a Canadian wellness app developer whose products focus on healthful activities like meditation, relaxation and improving sleep. While examining Ipnos’s app, Relax Melodies, the Accountability Program found ad tech companies collecting unique IDs to facilitate ad targeting. But the app lacked up-front, or “enhanced,” notice of this fact, and its privacy disclosures didn’t explain how consumers could opt-out of targeted ads. Consequently, the Accountability Program reached out to Ipnos with questions about its observations.

Once contacted, Ipnos acknowledged the Accountability Program’s test results and immediately committed to full compliance with the DAA Principles. The company updated its privacy policy to include an enhanced notice jump link and an opt-out tool, all accessible from the privacy links in its app store listings and app settings menus. Now, users of Ipnos’s apps have knowledge about targeted advertising that occurs as a result of their app usage.

Ipnos’s case demonstrates the global interoperability of the DAA Principles, expressed in this instance by a Canadian company—subject to Canadian privacy laws—adopting the best practices embodied in this code. This is further proof that the core concepts of transparency and choice can be applied across national barriers, adapting to the new regulatory contours presented by each jurisdiction.