0 Comments |  Vanessa Emilio |  PRINT | 

Big brother is watching: App marketers beware

Friday, 13 September 2013 | By Vanessa Emilio

NSA. Edward Snowden. Lavabit. Silent Circle. Windows 8.


Privacy breaches are making headline news. What used to be a sleepy backwater of legal niceties is hitting the front pages. And assumptions consumers have always held – that their private information will be kept private – are now being questioned.


The privacy of your personal information will become bigger and bigger news in the weeks and months to come. Consumers will start to demand that their information is secure and they will become increasingly concerned about sharing personal information.


One of the areas that will inevitably be scrutinised is ‘app permissions’.


Apps are becoming ubiquitous. And consumers run them without thinking. But do you know if the app you just downloaded accesses information it doesn’t require to run it? Has the games app you just added accessed your address book? Or your geographic location?


App marketers need to know what their developers are doing


Many apps access far more information than they require to run. Some apps may use it for their own means – such as targeting advertising. Some apps harvest your contact details and your address book and sell the information. Some apps are just sloppily programmed.


An app permission controls the access you give an application to your mobile device’s operating system and data. For example, access to your email address, address book, geographic location, etc.


If you are an app developer or developing an app for your own business, you need to be aware of the permissions your app needs to run – and limit your app to only these permissions. Then you need to instruct your app programmer accordingly. And probably check on him/her too.


App marketers need privacy policies too


Privacy policies are now common for websites. But not yet for apps.


A privacy policy is for the protection of both users of your app and yourself, as an app developer. It notifies users that you collect personal information, what you collect, how you store it and how you use it.


In Australia, if you collect personal information of any type you must post a privacy policy to avoid breaching Australian privacy legislation whether you have an app or a website. With Australian privacy legislation regularly being reviewed and becoming more stringent, it is only a matter of time before it catches up, requiring all apps to show what data is actually collected, used and required by the app. Then posting the relevant privacy policy on the app addressing this or providing a link to it.


Many of the app stores now ask developers if they want to link back to a privacy policy on their website when they load a new app on the store. At the moment it’s voluntary and a question of ticking a box. But down the road it might become mandatory.


So if you’re an app developer or a business owner with an app, you need to ensure you are aware of these potential issues – and protect yourself and your business. Ensure you have a current relevant privacy policy for your app and link to it appropriately. And ensure your app permissions are limited to the minimum of what is required for your app to run.