The EU privacy watchdog group, known as the article 29 has issued new recommendations based on their study. The watchdog consists of EU data and privacy authorities and it has been the main privacy watchdog in the European Union.
The new set of recommendations from the article 29 group is set to affect app developers in Europe. According to the recommendation, app developers will have to ask for the user’s consent before collecting any kind of data. User data not only include regular items like social network logins, payment information, contacts but also browsing history of the individual and other related content that most of the users are not aware of.
The report adds that, it is the responsibility of the companies that run the app stores like Apple, Google to implement a mechanism in their apps which will ask for the prior consent of the user when the app launches or tries to collect user data for the first time. Also, the default settings of the application should be set in such a way that the application should not override any mechanism aimed to avoid such tracking.
A small part of the report which will essentially affect the developers in Europe is given below,
“On average, a smart phone user downloads 37 apps. These apps are able to collect large quantities of personal data from the device, for example by having access to the photo album or using location data. “This often happens without the free and informed consent of users, resulting in a breach of European data protection law”,according to the Chairman of the Article 29 Working Party Jacob Kohnstamm.
Privacy risks mobile apps
Smart phones and tablets contain large quantities of intimate personal data from and about their users, such as contact details, locational information, banking details, photos and videos. In addition, these devices can record, or capture in real-time, a range of data types from a multitude of sensors including microphones, compasses or other devices used to track a user’s movement. Although app developers want to provide new and innovative services, the apps may have significant risks to the private life and reputation of users of smart devices if they do not comply with EU data protection law. Individuals must be in control of their own personal data. Therefore apps must provide sufficient information about what data they are processing before it takes place in order to obtain meaningful consent.Poor security is another data protection risk, which could lead to unauthorised processing of personal data through the trend of data maximisation and the elasticity of purposes for which personal data is being collected, such as for ‘market research’. This increases the possibility of a data breach.”
The new recommendations of the group along with some existing provisions of the data protection directive and the ePrivacy directive will definitely impact the way the developers use their data.