The Office of the Information and Privacy Commissioner (OIPC) of Alberta in partnership with 23 privacy enforcement authorities from around the world are calling on app marketplaces to make it mandatory for mobile app developers to post links to privacy policies prior to download if they’re going to collect personal information.
Privacy authorities have raised the issue in an open letter to seven app marketplaces, including Google Play and the Apple App Store.
“Ensuring mobile device users are aware of mobile app privacy policies is important. What we have found is that too often individuals are using apps without knowing how their personal information is being collected, used or shared,” said Brian Hamilton, Director of Compliance and Special Investigations with the OIPC.
The joint recommendation follows a mobile app privacy sweep last spring by the Global Privacy Enforcement Network (GPEN) that found many popular mobile apps were seeking access to large amounts of personal information without adequately explaining how that information would be used.
The OIPC examined 21 Alberta-based mobile apps in the private, public and health sectors. In total, sweep partners examined 1,211 mobile apps and found that 85 per cent of them failed to clearly explain how they would collect, use and disclose personal information.
“We are pleased to have participated in this initiative,” said Hamilton. “A shared focus on privacy has the potential to benefit everyone developing, selling or using mobile apps.”
Having privacy information prior to download is critical as it allows individuals to decide whether they are comfortable with the collection, use and disclosure of their personal information before the app is even on their device.
Without this information, it’s difficult for individuals to provide meaningful consent, privacy guardians say.