ICO Publishes Privacy Guidelines For App Developers

Have a clear privacy policy or risk alienating users, warns the data protection watchdog

The Information Commissioner’s Office (ICO) has issued new guidelines for mobile app developers, urging them to comply with the Data Protection Act and respect user privacy.

In the run up to Christmas – the busiest period of the year for app downloads – the watchdog has also published advice for consumers, designed to keep them in control of their data.

The ICO said that nearly half of all mobile device owners had decided against downloading certain apps in December, scared away by vague privacy policies and excessive permissions.

“Compliance is not a bolt-on included in the final phase of a product’s development, but is an aspect of an app’s design that should be considered at the start of the process,” said Simon Rice, group manager for the Technology team at ICO.

‘Appy Christmas’

Last year, UK consumers downloaded 328 million apps on Christmas Day, as they tested new mobile devices discovered under the Christmas tree. This year, the number is expected to climb even higher – according to a survey by the Consumer Electronics Association, tablets were top of the wish list for 26 percent of adults in the US, and the figure is likely to be similar in Britain.

Sergey NivensThe recent arrival of cheaper tablets like the £119 Hudl from Tesco, or the UbiSlate 7Ci which can be bought for as little as £30, is sure to increase the demand for apps.

However, a recent survey by YouGov found that 62 percent of mobile device owners are concerned about the way apps use personal information, and 49 percent have actually chosen not to download an app because they were worried about privacy.

“The public are clearly concerned about the way apps are seen to be using personal information. Developers who fail to address this concern by being open and upfront about how and why they are using people’s information will be at a clear disadvantage,” said Rice.

In order to help developers navigate the complex data protection landscape, the ICO has published a 25-page document compiled by industry experts and regulators, which recommends including extensive information on application permissions and privacy policy in every app.

The ICO has even developed a layout for a perfect privacy policy, suitable for small smartphone screens. The watchdog warned that apps which lack clear information on the way they use data risk losing money and alienating users just seconds before they start the installation process.

“Apps aren’t just for consumers,” commented John Thielens, chief security officer at Axway. “We’re seeing a big rise in demand for apps for the enterprise. The Bring Your Own Device (BYOD) movement, combined with the dominance of smartphones and tablets means employees, partners and customers alike want to access information anytime, anywhere. In this scenario, the security burden is heavily weighted on the business.

“With their necks on the line, businesses need to take on granular data governance throughout an organisation. Application Programming Interfaces (APIs) form the foundation of any app development, and its API management that puts businesses back in the driving seat when it comes to controlling the flow of data beyond the enterprise edge.”

Can you look after your personal data online? Take our quiz!