- Not enactedThe President has not signed this bill
- The senate has not voted
- The house has not voted
House Committee on Energy and CommerceCommerce, Manufacturing, and TradeIntroducedMay 9th, 2013
- house Committees
Bill DetailsOfficial information provided by the Congressional Research Service. Learn more or make a suggestion.
The Congressional Research Service writes summaries for most legislation. These summaries are listed here. Countable will update some legislation with a revised summary, title or other key elements.
Application Privacy, Protection, and Security Act of 2013
To provide for greater transparency in and user control over the treatment of data collected by mobile applications and to enhance the security of such data.
Application Privacy, Protection, and Security Act of 2013 or the APPS Act of 2013 - Directs mobile device application developers, before the application collects personal data about the user, to notify the user and obtain the user's consent regarding the terms and conditions governing the collection, use, storage, and sharing of such personal data. Excludes from such notice and consent requirements any "de-identified data" that cannot reasonably be used to identify or infer information about, or otherwise be linked to, a particular individual or mobile device, as determined with a reasonable level of justified confidence based on the available methods and technologies, the nature of the data at issue, and the purposes for which the data will be used. Requires developers to: (1) provide users with a method to withdraw such consent and to request that the developer delete personal data or refrain from further data collection or sharing, and (2) take measures to prevent unauthorized access to personal and de-identified data. Requires violations to be treated as unfair or deceptive acts or practices under the Federal Trade Commission Act. Directs the Federal Trade Commission (FTC) to promulgate regulations to implement and enforce this Act. Authorizes states to bring civil actions in federal court on behalf of affected state residents. Declares that nothing in this Act prohibits a developer from disclosing or preserving personal data or de-identified data as required by other federal laws or, except when superceded by this Act, the laws of a state or political subdivision, including court orders. Permits a developer to satisfy the requirements of this Act by adopting and following a code of conduct for consumer data privacy that: (1) was developed in a multistakeholder process convened by the National Telecommunications and Information Administration (NTIA), as described in the document issued by the President on February 23, 2012, entitled Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy; and (2) is approved pursuant to FTC regulations.