This probably won’t come as a great shock, but apps are generally pretty bad at telling you what they do with your personal information.
In fact, a survey by the Global Privacy Enforcement Network, a group of privacy regulators from around the world, found that 85 percent of the 1,200 surveyed apps don’t clearly explain why they collect personal data, how they use it and who they share it with.
Other findings: Almost a third of apps seem to request more permissions than necessary; 59 percent “left users struggling to find basic privacy information”; and 43 percent either bury key information in lengthy privacy policies or provide it in tiny, non-mobile-friendly print.
Simon Rice, tech chief at the U.K. Information Commissioner’s Office (ICO), said the ICO and other regulators would write to developers “where there is clear room for improvement” and publish guidance to help people protect their information when using apps. Meanwhile, Canadian Privacy Commissioner Daniel Therrien said those conducting the survey were left uneasy by apps that “were requesting permission to access potentially sensitive information, like your location or access to your camera functions, without necessarily explaining why.”
Do users care about this stuff? I suspect they do, though the mobile OS vendors’ permissions policies tend to make everything a game of all or nothing. Look at the incredibly privacy-friendly App Ops tool that [company]Google[/company] quietly launched then pulled — it would have let users toggle fine-grained permissions — and consider how it could have mitigated the outrage that hit [company]Facebook[/company]’s Messenger app a few weeks back.
Trust will become an ever more important issue when it comes to sending data off to the cloud, and ultimately you’re going to find startups touting their privacy credentials as a marketing tool. Europe’s data protection regulations will force them to be more up-front anyway, so they may as well play the honesty card sooner rather than later.
As Therrien put it: “Both large and small app developers are embracing the potential to build user trust by providing clear, easy to read and timely explanations about what information they will collect and how they will use it. Others are missing that opportunity by failing to provide even the most basic privacy information.”