New apps are cropping up everywhere. Some businesses are using them to offer goods and services rather than offering their goods and services through a website. There seems to be an app for everything these days: games, shopping, meet-ups, health and fitness and even coffee orders.
Many apps access and store large amounts of personal data; often not all of it (and sometimes none of it) is required to run the app. The problem is that this breaches privacy law, and the Office of the Australian Information Commissioner (OAIC) is now assessing this.
What is the issue?
The OAIC was involved in a global sweep of 1200 mobile apps early last year and found the majority breached privacy law: 70% failed on either privacy or terms and conditions, which did not clearly advise the app user what was being collected, what it was used for and how it was stored.
The OAIC privacy guidance is out now for mobile app developers and is set to be revised, as it was developed prior to the privacy law reforms that came out last year (March 2014).
They are tipping that the next review, revised guide and privacy sweep for apps will be on the agenda this year.
Tips to ensure your app meets the privacy rules:
1. Only collect the information you actually need to run the app
Ask your developer to confirm that the permissions enabled on the app access only the required information and data. Make sure you have this in writing from them and that it lists what is accessed and what is being collected.
2. User disclaimer
You need a good app disclaimer that protects you from any user download issues. You also need the app user to agree to permit the app to access their personal information (the permissions), if it does so.
4. Make it responsive
Avoid the privacy fine (up to $1.7 million) and get your app in order. If you are unsure or unclear, ask your lawyer. Apps need terms and privacy too!