6
UPDATE TO THE
NAI Mobile
Application Code
2015
d. A conspicuous link to, or description of how to access, an Opt-Out Mechanism for Cross-
App Advertising.
Commentary: ThisprovisionoftheAppCodeisintendedtohelpensure,totheextent
practicable,thatusersareprovidednoticeofCross-AppAdvertisingpriortoacquiringan
application,recognizingthatNAImembersgenerallyareunabletoprovidesuchnotice
themselves,becausetheydonotcontroltheapplicationortheappstore.
4. As part of members’ overall efforts to promote transparency in the marketplace, members
should make reasonable efforts to conrm that applications where the member collects data for
Cross-App Advertising furnish notices comparable to those described in II.B.3 above.
Commentary: Asonerecommendedapproachmembersmay,forexample,regularlychecka
reasonably-sizedsubsetoftheapplicationswheretheycollectdataforCross-AppAdvertising
toconrmthatappropriatenoticeisbeingprovidedonthewebsite(s)and/orintheappstore(s)
wheretheapplicationmaybeacquired.
5. EnhancedNotice:Members shall provide, or support the provision of, notice of Cross-App
Advertising data, including any PII, collection and use practices and the choices available to users
in or around advertisements that are informed by such data.
4
If notice cannot be provided in or
around such advertisements, members should take steps to arrange for the application provider
serving the advertisement to provide notice within the application:
a. As part of the process of downloading an application to a device, at the time the
application is launched for the rst time, or when the data is accessed; and,
b. In the application’s settings and/or privacy policy.
Commentary: TheNAIrecognizesthatitmaybeimpracticaltodeliverenhancednoticein
oraroundanadvertisementonsomedevices.Insuchcases,membersshouldtakestepsto
arrangefortheapplicationproviderservingtheadvertisementtoprovidenoticewithinthe
applicationaspartofthedownloadprocess,whentheapplicationisrstlaunched,orwhen
thedataisaccessed,inadditiontothenoticeinanapplication’ssettingsscreenand/or
privacypolicy.
C. USER CONTROL
1. The level of choice that members must provide is commensurate with the sensitivity and
intended use of the data. Specically:
a. Use of Non-PII for Cross-App Advertising purposes shall require access to an Opt-Out
Mechanism.
b. Use of PII to be merged with Non-PII on a going-forward basis for Cross-App Advertising
purposes (prospective merger) shall require access to an Opt-Out Mechanism accompanied
by robust notice of such choice.
Commentary: Tobeconsidered“robust”underthisprovision,thenoticemustbeprovided
immediatelyaboveorbelowthemechanismusedtoauthorizethesubmissionofanyPII.
4
The enhanced notice requirements of Section II.B.5 are separate and distinct from the application store notice provisions of
Sections II.B.3 and II.B.4. Section II.B.5 requires that some form of enhanced notice be provided within the application, whereas
sections II.B.3 and II.B.4 concern notice within the store where an application is acquired as well as on the application provider’s website.