Who: 23 national data protection authorities involved in the Global Privacy Enforcement Network including the DPAs for Australia, Canada, France, various Germany DPAs, Israel and South Korea (the “Data Protection Authorities”).
Apple, Google, Samsung, Microsoft, Nokia, Blackberry and Amazon.com (the “Appstores”)
Where: Worldwide
When: 9 December 2014
Law stated as at: 12 January 2015
What happened:
On 9 December 2014 the Data Protection Authorities sent an open letter to the Appstores, the largest global app marketplaces, asking them to make it mandatory on their marketplaces for app users to be given access to the app’s privacy policy. The Data Protection Authorities pointed out that the Appstores already facilitate communication on numerous issues such as the age rating, size and version of the app. They argue that privacy policies should form part of this discussion and that privacy information should be displayed on the app marketplace to allow consumers to make an informed decision.
This recommendation follows the publication of the second annual Global Privacy Enforcement Network Privacy Sweep in September 2014 which showed that users of 59% of the 1,211 mobile apps surveyed struggled to find basic privacy information. The letter argues that consumers are therefore unable to make a meaningful decision about the collection and use of their data by the app.
Why this matters:
The UK Information Commissioner’s Office (the “ICO”) has published guidance, “Privacy in Mobile Apps”, to help app developers collect and use personal data correctly in the UK. The ICO commissioned research to support the launch of its guidance showing that 49% of app users have decided not to download an app based on privacy concerns. This clearly indicates that, as well as the Data Protection Authorities, the average consumer is concerned about the lack of privacy policies.
It is therefore important that app developers and sellers take action to ensure that the relevant privacy policies are in place and that these are clearly communicated to consumers on the appstore as well as within the app. Theoretically the ICO is able to fine companies up to £500,000 for breaches of the relevant legislation, although this power has yet to be used against mobile app developers. However, the threat of action will surely motivate app developers and appstores alike in this area.