Global survey finds 85 percent of apps fail to provide basic privacy
Submit Articles Back to Articles
A survey of over 1,200 mobile apps
by 26 privacy regulators from across the world has shown that a high
number of apps are accessing large amounts of personal information
without adequately explaining how people’s information is being used.
The survey by the Global Privacy Enforcement Network (GPEN) examined
the privacy information provided by 1,211 mobile apps. As a member of
GPEN, the UK’s Information Commissioner’s Office examined 50 of the top
apps released by UK developers.
Today GPEN has published the results of its research. The key findings
• 85% of the apps surveyed failed to clearly explain how they were
collecting, using and disclosing personal information.
• More than half (59%) of the apps left users struggling to find basic
• Almost 1 in 3 apps appeared to request an excessive number of
permissions to access additional personal information.
• 43% of the apps failed to tailor privacy communications to the small
screen, either by providing information in a too small print, or by
hiding the information in lengthy privacy policies that required
scrolling or clicking through multiple pages.
The research did find examples of good practice, with some apps
providing a basic explanation of how personal information is being
used, including links to more detailed information if the individual
wants to know more. The regulators were also impressed by the use of
just-in-time notifications on certain apps that informed users of the
potential collection, or use, of personal data as it was about to
happen. These approaches make it easier for people to understand how
their information is being used and when.
ICO Group Manager for Technology, Simon Rice, said:
“Apps are becoming central to our lives, so it is important we
understand how they work and what they are doing with our information.
Today’s results show that many app developers are still failing to
provide this information in a way that is clear and understandable to
the average consumer.
“The ICO and the other GPEN members will be writing out to those
developers where there is clear room for improvement. We will also be
publishing guidance to explain the steps people can take to help
protect their information when using mobile apps.”
The ICO has published ‘Privacy
in Mobile Apps’ guidance to help app developers in the UK
handle people’s information correctly and meet their requirements under
the UK Data Protection Act. The guidance includes advice on informing
people how their information will be used. Research carried out last
year to support the guidance’s launch showed that 49%
of app users have decided not to download an app due to privacy concerns.
If you need more information, please contact the ICO press office on
0303 123 9070 or visit the website at: www.ico.org.uk.
1. The Information Commissioner’s Office upholds information rights in
the public interest, promoting openness by public bodies and data
privacy for individuals.
2. The ICO has specific responsibilities set out in the Data Protection
Act 1998, the Freedom of Information Act 2000, Environmental
Information Regulations 2004 and Privacy and Electronic Communications
3. The ICO is on Twitter, Facebook and LinkedIn. Read more in the ICO
blog and e-newsletter.Our Press Office page provides more information
4. Anyone who processes personal information must comply with eight
principles of the Data Protection Act, which make sure that personal
• Fairly and lawfully processed
• Processed for limited purposes
• Adequate, relevant and not excessive
• Accurate and up to date
• Not kept for longer than is necessary
• Processed in line with your rights
• Not transferred to other countries without adequate protection
About the Global Privacy Enforcement Network (GPEN)
5. The Global Privacy Enforcement Network was established in
recommendation by the Organisation for Economic Co-operation and
Development. Its aim is to foster cross-border cooperation among
privacy regulators in an increasingly global market in which commerce
and consumer activity relies on the seamless flow of personal
information across borders. Its members seek to work together to
strengthen personal privacy protections in this global context. The
informal network is comprised of 51 privacy enforcement authorities in
39 jurisdictions around the world.
About the Author
The Information Commissioner’s Office is the UK’s
independent authority set up to uphold information rights in the public
interest, promoting openness by public bodies and data privacy for
individuals. We do this by promoting good practice, ruling on
complaints, providing information to individuals and organisations and
taking appropriate action when the law is broken.
The ICO enforces and oversees the following
- Data Protection Act 1998
- Freedom of Information Act 2000
- Privacy and Electronic Communications
- Environmental Information Regulations
Follow us @Scopulus_News
Article Published/Sorted/Amended on Scopulus 2014-09-17 09:05:48 in Business Articles
All ICO Articles