A recent study paper just published on ICO, this September 10th 2014, by Global Privacy Enforcement Network (GPEN), found that thousands of apps from across the world, are collecting and disclosing private user information without consent, and with very little transparency.
The survey closely examined privacy details submitted by over 1,200 mobile apps, including 50 of the most downloaded apps made by UK developers and companies. They neatly listed their findings to clearly and accurately represent what is really going on with our private information when we accept to share access with these so-called “safe and private” applications.
- 85% of the surveyed apps we’re incapable of properly or clearly explaining how private user information was collected, how it can or will be used, or even a proper agreement or policy on disclosing (sharing) your information with other parties.
- 59% had no direct links or easy to find privacy details and information. Users whom seek to find this information, can end up wasting a ton of time browsing and searching and still come up short without requesting it directly to the developer.
- 33% of the apps requested more permissions than required to run the apps. This represents a third of apps excessively abusing of private access requests when installing their application.
It was not all gloom and doom, as the study did find some good examples of proper privacy practice among developers, with simple to understand and easy to find privacy details, along with access to full, detailed policies for a complete in-depth report. Just-in-time notifications we’re highlighted as a positive route for providers to take, effectively advising the user of various data collection requests just before they happen. The organization feels that alerting the user as it happens, helps users understand better what information is collected and why.
ICO.org has published a guide to help UK developers, better process and handle private user details, and ensuring that the privacy of all is properly respected when using their mobile software, all while abiding to the requirements found in the UK Data Protection Act. The ‘Privacy in Mobile Apps’ guide also informs developers on how to better communicate with the users about the information that gets collected. A pre-study was done to setup the base of this research last year, which showed that almost 50% of mobile app users have at least at one time, decided not to download an app due to privacy concerns. The full details of the study can be directly accessed on the Office of The Privacy Commissioner of Canada’s site here.