Feeds

Apple, Google, RIM plaster privacy warnings on prying apps

Cali's chief legal bod strong-arms mobile software stores

Providing a secure and efficient Helpdesk

Mobile software that meddles with your sensitive info must have privacy polices and must display them clearly, California's Attorney General Kamala Harris declared yesterday in a statement agreed by all major app sellers.

Under the new rule, anyone downloading a program from Apple, Android, RIM, Windows, HP or Amazon stores should be presented with an app privacy policy that reports what personal information the software will slurp and how it will be used. Apps that don't use personal data don't have to present a policy.

The move comes after reports that only 5 per cent of apps have privacy policies and popular titles were caught snatching contact lists and unique phone IDs, location, age, gender and even key taps. Harris expressed the hope that the joint statement will bring developers in line with California's laws on digital privacy.

It will also have a ripple-out effect for anyone outside California as app stores are global, and will bring the issue to the attention of federal law-makers.

"This agreement strengthens the privacy protections of California consumers and of millions of people around the globe who use mobile apps," Harris said in a statement. "By ensuring that mobile apps have privacy policies, we create more transparency and give mobile users more informed control over who accesses their personal information and how it is used."

Apps that fail to meet the new guidelines will be fined at a rate of up to $5,000 per user, said Harris at a conference reported by the LA Times. Users will get new tools to report apps that breach privacy regulations and a review will be held in 6 months' time.

The new app privacy agreement doesn't change what apps can or can't do, but does make punters aware of what's happening in their phone. However watchdogs argue that privacy policies - often weighed down in small print - are not the best way to inform consumers.

"This is an improvement from the current Wild West that is the mobile market," said John M Simpson of the Californian Consumer Watchdog Privacy Project. He added:

But trying to decipher what’s going on through a privacy policy written by lawyers, paid by the word to obfuscate can be extremely frustrating.  It’s even more difficult on small hand-held devices. We need a simple, persistent way to send a message that a user doesn’t want to be tracked. We need Do Not track legislation.

The move to stop browsers tracking user activity - nicknamed the Do Not Track debate - has raged on at PC level - this brings that argument into the mobile space.

Apple and Google host approximately 1 million mobile applications, up from just 600 in 2008. ®

Internet Security Threat Report 2014

More from The Register

next story
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
Forget touchscreen millennials, Microsoft goes for mouse crowd
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.