Pan-European approach to mobile app privacy mooted
European regulators are working in unison to address potential areas of concern over app developers’ compliance with data protection laws as smartphone usage continues to soar.
The Information Commissioner’s Office (ICO) is working with the Article 29 Working Party, an umbrella group of data protection agencies from across the EU and the EC, to ensure pan-European compliance.
The effort includes briefing separate stakeholders in the mobile app ecosystem, including app store providers such as Apple and Google, as well as smaller developers.
Developers are being prompted to ensure their apps are fully transparent on how much personal data, such as their address book and location, is used by their apps by the parties concerned.
Last week, Christopher Graham, the UK’s Information Commissioner, at a conference in London said some app developers had a “cavalier” attitude to personal data protection. He further warned marketers to take online data capture “more seriously.”
Dave Evans, ICO group manager of business and industry, says app developers are increasingly the subject of interest given the rapid rise of smartphone and tablet usage.
“We’re looking to work on the ‘data minimisation’ principle,” he says.
“For instance, if an app accesses somebody’s contact’s list, does it really need to do that?”
Evans also says the ICO is working with its European counterparts to better ensure compliance, partly as a result of the fragmented nature of the mobile development ecosystem.
For instance, an app developer can trade in the UK version of an app store but be based elsewhere in the EU and not necessarily be familiar with the data protection laws here.
“Basically we want to make sure that people are aware of how things work and that consumers are given meaningful control over how their data is used,” he adds.
Elsewhere, the IAB’s UK arm is leading a cross-industry initiative to assemble privacy guidelines in preparation for rules regarding online behavioural advertising being extended to mobile devices.
Marta Costas, IAB mobile regulatory affairs manager, says: “There are some adjustments that have to be made to the current framework [to make it relevant to mobile audiences].”
Mobile internet and app audiences have spiked in recent years given the emergence of smartphones with penetration passing the 50 per cent mark in the UK and US last year (see chart below) according to Sarah Quinn, marketing manager at On Device Research.
“This is great for companies, but it does raise concerns over data protection as we store more of our personal details on them,” she says.
“If they are lost, then precautions need to taken to make sure data stored on devices is secure and protected. We also need more secure Wi-Fi connections to protect users’ data.”