While parts of the global economy are continuing to suffer serious economic shocks, an individual with a computer, internet access and the necessary know-how can join the increasing ranks of the
While parts of the global economy are continuing to suffer serious economic shocks, an individual with a computer, internet access and the necessary know-how can join the increasing ranks of the appreneurs - people developing and hoping to make money from apps. Buoyed by the stories of wunderkids such as 17 year old Nick D'Aloisio who sold his Summly app to Yahoo for around £18m earlier this year, many are seeking to become appillionaires! And undoubtedly a rosy future will beckon for those fortunate enough to hit on the right app at the right time.
As the popularity of mobile and tablet devices rises, the proliferation of apps will continue. But some apps will sink without a trace and some will become global hits. Amidst all the excitement, those developing apps would do well to consider certain essential privacy pointers in order to anticipate any potential obstacles to widespread adoption and in order to avoid any unwelcome regulator attention down the road. These include:
1. Think Privacy from the beginning - design your app so that it shows an understanding of privacy issues from the start i.e. include settings that give an individual control over what data you collect about them, usually through providing an opt-out;
2. Tell individuals what you're doing - include a notice setting out how you use their data, make sure that the notice is accessible and in a language that people can understand, and adopt a 'surprise minimisation' approach so that you can reasonably argue that individuals would not be surprised by the data you collect on them in a given context;
3. Decide whether you're sharing the data you collect with anyone else - if so, make sure that there's a good reason to share the data, tell individuals about the data sharing and check to see whether there are any rules that require you to obtain individuals' consent before sharing their data i.e. for marketing purposes;
4. Check to see whether you're collecting special types of data - be aware that certain types of data (such as location data or health data) are considered more intrusive and you may need to obtain an individual's consent before collecting this data;
5. Implement an implied consent solution when using cookies or other tracking technologies in the EU - the debate is pretty much over on how to comply with the EU cookie rule since implied consent is increasingly being adopted by regulators (see Phil Lee's recent blog)
While an initiative scrutinising App privacy policies and practices (similar to the 'Internet Sweep Day' we have seen initiated recently by the Global Privacy Enforcement Network) is probably some time off, appreneurs that can get privacy 'right' from the start will have a competitive advantage over those that do not.
As the popularity of mobile and tablet devices rises, the proliferation of apps will continue. But some apps will sink without a trace and some will become global hits. Amidst all the excitement, those developing apps would do well to consider certain essential privacy pointers in order to anticipate any potential obstacles to widespread adoption and in order to avoid any unwelcome regulator attention down the road. These include:
1. Think Privacy from the beginning - design your app so that it shows an understanding of privacy issues from the start i.e. include settings that give an individual control over what data you collect about them, usually through providing an opt-out;
2. Tell individuals what you're doing - include a notice setting out how you use their data, make sure that the notice is accessible and in a language that people can understand, and adopt a 'surprise minimisation' approach so that you can reasonably argue that individuals would not be surprised by the data you collect on them in a given context;
3. Decide whether you're sharing the data you collect with anyone else - if so, make sure that there's a good reason to share the data, tell individuals about the data sharing and check to see whether there are any rules that require you to obtain individuals' consent before sharing their data i.e. for marketing purposes;
4. Check to see whether you're collecting special types of data - be aware that certain types of data (such as location data or health data) are considered more intrusive and you may need to obtain an individual's consent before collecting this data;
5. Implement an implied consent solution when using cookies or other tracking technologies in the EU - the debate is pretty much over on how to comply with the EU cookie rule since implied consent is increasingly being adopted by regulators (see Phil Lee's recent blog)
While an initiative scrutinising App privacy policies and practices (similar to the 'Internet Sweep Day' we have seen initiated recently by the Global Privacy Enforcement Network) is probably some time off, appreneurs that can get privacy 'right' from the start will have a competitive advantage over those that do not.