Skip to main content

Mobile apps pull up short in privacy stakes

by Ammy Singh •
Subscriber preview

A worldwide sweep of over 1200 mobile apps along with ongoing privacy concerns has prompted the Office of the Australian Information Commissioner (OAIC) to develop ‘Mobile privacy: a better practice guide for mobile app developers’.

The Global Privacy Enforcement Network (GPEN) Privacy Sweep, conducted in May 2014 by 26 privacy enforcement authorities around the world including the OAIC, examined 53 popular free iOS apps, with a focus on apps produced by or on behalf of Australian businesses and Australian Government agencies.

The sweep found that as mobile apps increase in popularity, many of them are seeking access to large amounts of personal information without adequately explaining how that information is being used.

Over 67% of Australian apps were found to have offered little information about why the data was being collected or how it would be used prior to download. The sweep also found that 11.3% of Australian apps requested access to information that exceeded their functionality, raising alarms as to the nature of the information being sought.

“Of particular concern was that almost 70% of the apps we looked at failed to provide the user with a privacy policy or terms and conditions that addresses privacy prior to the app being downloaded,” according to Australian Privacy Commissioner, Timothy Pilgrim.

“This is not good privacy practice. Organisations must have a clearly expressed and up to date privacy policy that tells people how their personal information will be managed.”

The OAIC also found that almost 25% of the apps examined did not appear to have privacy communications that were tailored for a small screen, consisting of lengthy and complex privacy policies that required users to scroll through multiple pages.

In response, the OAIC has created guidelines encouraging developers to use short form notices for privacy policies that are no longer than a single screen. In addition, the OAIC advocates for developers to draw users’ attention to any collection, use or disclosure of information that they would not otherwise reasonably expect.

“I would encourage mobile app developers to put their users’ privacy first when designing apps by incorporating a ‘privacy by design’ approach,” Pilgrim said. 

Already a subscriber? Sign in here to keep reading

Want more content like this? Contact our team today for subscription options!

  • Stay up-to-date on hot topics in government
  • Navigate your business with executive level horizon outlooks
  • Get deep public sector ICT insights on our Market Watch series