App stores march toward shared ratings system

The wireless industry's trade group wants to put ratings on mobile apps to help parents keep inappropriate content out of their kids hands, but does a one-size ratings system fit all app stores?

The initiative (PDF), which was launched near the end of March by CTIA-The Wireless Association, calls for "voluntary self-certification of apps." The program is on track to be in place by the end of this year and seeks to have app-makers define the content within their creations based on a specific set of ratings and guidelines. The end result is a system the CTIA hopes will give consumers a "more informed" choice when using applications on mobile devices.

The move is reminiscent to what's happened to music, movies, and video games. Apps have--for better or worse--become a form of entertainment that can be had anywhere and by nearly anyone. They've also become big business in the last few years, with combined revenues from the various stores coming in at an estimated $3.8 billion this year.

Not everyone is happy with the putting the CTIA in the driver's seat for decision making though. In a note to the CTIA earlier this week, advocacy group ACT said its 3,000-member association of software developers believed the initiative could stifle innovation and interest in app development.

"Our membership has expressed to us that they reject the idea of unrelated industries acting as their regulator," ACT President Jonathan Zuck wrote in a letter addressed to CTIA President Steve Largent. "While CTIA's intentions may be sound, they don't have the experience or knowledge of the apps ecosystem that is essential for any standards-setting board. Developers are further concerned that relying on other industries, with potentially competing interests, to set marketplace standards is a nonstarter for app writers."

The CTIA is a Washington, D.C.-based trade group that represents carriers, manufacturers and other players in the wireless industry, including many of the companies with mobile application stores. Apple, Google, Research In Motion, Nokia, and Microsoft are listed as members.

David Diggs, who is the CTIA's vice president of wireless Internet development, said in a phone interview that the group is still in the middle of evaluating proposals for app ratings systems following half a dozen submissions that came in after its announcement; that call for submissions was made open to non-CTIA members. Diggs would not say which entities were in discussions about the app rating proposal.

Diggs said the genesis for the initiative came from a 2009 Federal Trade Commission report about marketing violent content to children, wherein the organization called for more information to be made available to consumers about the applications they were downloading.

"Among other things, the FTC thought that it would make sense to devise a content classification system that would be familiar to consumers," Diggs said. "What we're moving towards, and this was in the guidelines, is that it ought to relate to things consumers already understand like MPAA ratings for movies."

But this is an area where things get murky. For something like games, which make up a healthy majority of mobile applications, there are already groups that exist specifically for the purpose of self-regulation.

In the U.S., there's the Electronics Software Rating Board (ESRB), which was formed in the mid-1990s as a self-regulatory arm at a time when the video games industry faced regulation from the government. That group has publishers filling out a description of what types of content are in a game, as well as providing footage for a title's evaluation. In return the game gets a ratings classification. All of this comes with a fee, which varies depending on the cost of the game's development, and goes to support the ratings system's existence.

"This points to the difference," said Morgan Reed, ACT's executive director. "If it's a CTIA self-derived push, that seems like an intermediary regulator. A preferred model would be the ESRB, which is funded and managed by game developers. ESRB's rating system is actual self-regulation."

Using a similar system for mobile apps could prove to be difficult given that the volume of applications continues to grow. The app publishing landscape as it exists right now has a very low entry fee. While a developer may spend tens of thousands of dollars developing an application, they can publish it somewhere like Apple's App Store free of charge as long as they're paying Apple the $99-a-year developer fee. Apple then makes 30 percent on the sale, and from any in-app purchases, and subscriptions made within the app. Adding extra fees on top of that could change that dynamic.

Reed suggested that developers could also shift their efforts to the Web if the guidelines end up restricting what can be done with native apps. "If a ratings system were to be implemented by the CTIA and deemed too partisan, developers--especially of quick and dirty games--start really moving to an HTML5 environment," Reed said. "Where do you enforce a system that you get to by a Web page?"

Existing systems

Mobile application stores already have numerous content controls in place, including ratings systems that can alert consumers to whatever content is contained within. Here's a breakdown how each of the big ones do it:

Apple, which currently has the largest volume of applications of the providers (though it might not hold that crown for long), requires app developers to rate their own content in one of four ratings ranging from "4+" which contains no objectionable material, all the way to "17+", which requires that users be at least 17 years old. To police this, application ratings are checked at the time of review by Apple, and the company has the power to pull them from the App Store. Apple also provides ways to limit what iOS devices are able to install and run using built-in parental controls.

Google has a similar four-tier rating system that uses an "everyone" to "high maturity" scale. Developers assign their application a rating based on its content, then publish it to the Android Market. If users flag a published application for somehow mis-rating itself, Google says it re-rates it per the company's guidelines with a staff review. When deploying the system, Google had developers go through their existing catalogs and rate applications.

Research In Motion has its own set of content guidelines that determine what cannot be included in applications, though applications are not given a specific age group designation.

Nokia requires applications submitted to its Ovi store to comply with the company's content guidelines. There's no age-based system, instead it's whether "content is appropriate for a wide spectrum of consumers." Nokia maintains a list of items that aren't allowed, and a company representative told CNET the company also evaluates apps to make sure content is "age appropriate and culturally sensitive."

Microsoft has its own content guidelines apps need to conform to. Games that have been ported from platforms that use existing ratings systems such as the ESRB need to provide that information to Microsoft as part of the company's Windows Phone Marketplace certification. This information is listed on application descriptions.

From Microsoft's guidelines:

"If your application is a game that has been rated by an approved ratings board (currently ESRB, PEGI, and USK), you must submit the ratings certificate for the application and provide the appropriate content descriptors. If a game application is submitted with a rating that is equal to or less restrictive than ESRB "T", PEGI "12", or USK "12", it will be presumed to comply with these content policies."

The bottom line

The thing to make clear about the CTIA's initiative is that nothing has been decided yet, especially when it comes to which of the application stores will participate. Along with that, there's the question of if those groups can agree upon a set of guidelines and ratings designations. As Apple has been happy to point out about its store, it does not allow things company like Google does, and vice versa. In many ways that gives these stores an identity, and adds another layer of competition.

Issues around these policy differences bubbled up recently when several government officials asked Apple, Google, and RIM to remove applications that alerted users to police checkpoints. RIM complied, while Apple and Google did not take action. Would the ratings body be given control to make judgments in such cases?

There's also the question about what happens to existing ratings and the review processes that govern these stores. If a new system is put into place, does that mean someone needs to re-review applications to make sure they comply? And who makes that decision, how is it enforced, and who's paying for that?

ACT's Reed said that the key thing is making sure there's a way to weed out apps that misrepresent what's inside. "Any regulatory system adopted by developers needs to be one that is self-reporting on the front-end, and post-punishment on the other. There has to be some sort of mechanism for a bad actor who lies."

Updated at 11:40 a.m. PT with clarification on the CTIA proposal application process.