Feeds

Apple, Google, RIM plaster privacy warnings on prying apps

Cali's chief legal bod strong-arms mobile software stores

High performance access to file storage

Mobile software that meddles with your sensitive info must have privacy polices and must display them clearly, California's Attorney General Kamala Harris declared yesterday in a statement agreed by all major app sellers.

Under the new rule, anyone downloading a program from Apple, Android, RIM, Windows, HP or Amazon stores should be presented with an app privacy policy that reports what personal information the software will slurp and how it will be used. Apps that don't use personal data don't have to present a policy.

The move comes after reports that only 5 per cent of apps have privacy policies and popular titles were caught snatching contact lists and unique phone IDs, location, age, gender and even key taps. Harris expressed the hope that the joint statement will bring developers in line with California's laws on digital privacy.

It will also have a ripple-out effect for anyone outside California as app stores are global, and will bring the issue to the attention of federal law-makers.

"This agreement strengthens the privacy protections of California consumers and of millions of people around the globe who use mobile apps," Harris said in a statement. "By ensuring that mobile apps have privacy policies, we create more transparency and give mobile users more informed control over who accesses their personal information and how it is used."

Apps that fail to meet the new guidelines will be fined at a rate of up to $5,000 per user, said Harris at a conference reported by the LA Times. Users will get new tools to report apps that breach privacy regulations and a review will be held in 6 months' time.

The new app privacy agreement doesn't change what apps can or can't do, but does make punters aware of what's happening in their phone. However watchdogs argue that privacy policies - often weighed down in small print - are not the best way to inform consumers.

"This is an improvement from the current Wild West that is the mobile market," said John M Simpson of the Californian Consumer Watchdog Privacy Project. He added:

But trying to decipher what’s going on through a privacy policy written by lawyers, paid by the word to obfuscate can be extremely frustrating.  It’s even more difficult on small hand-held devices. We need a simple, persistent way to send a message that a user doesn’t want to be tracked. We need Do Not track legislation.

The move to stop browsers tracking user activity - nicknamed the Do Not Track debate - has raged on at PC level - this brings that argument into the mobile space.

Apple and Google host approximately 1 million mobile applications, up from just 600 in 2008. ®

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Windows XP still has 27 per cent market share on its deathbed
Windows 7 making some gains on XP Death Day
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
US taxman blows Win XP deadline, must now spend millions on custom support
Gov't IT likened to 'a Model T with a lot of things on top of it'
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.