Survey Documents Sporadic Access To Privacy Policies By Mobile Device Apps
Tuesday, July 17, 2012
The Future of Privacy Forum (FPF) recently released the results of its June 2012 survey of mobile device apps and privacy. The survey goal was to understand how often apps provide users with a privacy policy. While a privacy policy is a minimal first step towards data security, it provides both a baseline for consumers to judge the app's operation, and informs users about what sensitive personal data the app uses, and where that data is shared. An industry problem is that too many mobile apps for children still lack privacy policies.
The FPF examined 150 of the most popular mobile apps across three platforms: iOs App Store, Google Play,9 and Kindle. Key findings from the survey:
- 61.3% of all apps examined presented users with a privacy policy. That total included 69.3% of free apps and 53.3% of paid apps.
- The apps examined included many well-known apps: Angry Birds, ESPN Score Center, Facebook, Google Earth, Google Search, Instagram, Netflix, Shazam, Skype, Style Me Girl, Twitter, Virtual Makeover, The Weather Channel, Yahoo! Mail, and more.
- The availability of privacy policies vary greatly by app store and app type:
% of Top Apps That Have A Privacy Policy* | ||
---|---|---|
Free Apps | Paid Apps | |
iOS App Store | 84% | 64% |
Android - Google Play |
76% |
48% |
Kindle Fire - Kindle App Store |
48% | 48% |
All Platforms |
69.3% | 53.3% |
*Privacy policy either in the app listing page, in the app, or in the developer's website |
Ideally, apps should provide immediate and easy access to their privacy policies from the app listing page within the app store. Unfortunately, this access varies greatly:
% of Top Apps That Provide Access To A Privacy Policy On The App Listing Page In The App Store | ||
---|---|---|
Free Apps | Paid Apps | |
iOS App Store | 48% | 28% |
Android - Google Play |
20% |
12% |
Kindle Fire - Kindle App Store |
0% | 0% |
All Platforms |
22.7% | 13.3% |
Ideally, apps should provide immediate and easy access to their privacy policy from within the app, too. Performance here is somewhat better:
% of Top Apps That Provide Access To A Privacy Policy From Within The App | ||
---|---|---|
Free Apps | Paid Apps | |
iOS App Store | 60% | 44% |
Android - Google Play |
64% |
24% |
Kindle Fire - Kindle App Store |
20% | 28% |
All Platforms |
48% | 32% |
The other measure of privacy is whether apps collect location-based data (e.g., GPS) and provide users with an opt-in choice before data collection. The researchers found:
"... 12 out of the 50 apps surveyed on the iOS App Store platform requested precise location information and 14 out of the 50 apps surveyed on the Google Play platform requested precise location information and ten out of those fourteen had privacy policies. The study revealed that almost all of the leading apps requesting precise location data did have a privacy policy in place, but found that some very well known apps did not."
Based in Washington, DC, the Future of Privacy Forum (FPF) is a think tank that seeks to advance responsible data practices. The FPF hosts the ApplicationPrivacy.org website that provides best practices for data security for mobile app developers.
The FPF survey is a good first step. Consumers should be warned that the FPF survey did not evaluate whether developers' mobile apps actually complied with the promises in their privacy policies. That is an important issue to be addressed -- often in the courts, or by diligent technologists.
In June, California Attorney General Kamala Harris announced a deal with Facebook.com to ensure that any apps that collect personal data from California residents have privacy policies. Earlier in the year, several app store operators (e.g., Apple Inc., Google Inc., Amazon.com Inc., Microsoft Corporation, RIM Ltd., and Hewlett-Packard) agreed to a similar arrangement with the California AG. This makes one wonder where the other states' attorney general are on this issue.
Since security experts have documented multiple threats that target Apple and Android mobile devices, wise consumers look for trustworthy apps and protections in privacy policies. What do you look for in a mobile app privacy policy?
I want to know more about the insurance exchanges, if it will open competition...so I will be looking forward to your posts on this :)
Posted by: Anonymous | Tuesday, August 07, 2012 at 03:17 AM
My first time here. Followed you here from Linkedin--was impressed by what I found there and am impressed by what I find here.
Posted by: Facebook Survey | Friday, August 10, 2012 at 03:58 AM
Very good analysis for Mobile Device Apps protection.
Posted by: Hotcandy | Tuesday, September 11, 2012 at 10:51 PM
The banks will close their doors. The federal government will be called upon to print more money to help failing banks. But the money the print will be worthless, other countries will stop taking it in payment and things will get very ugly very fast.
Posted by: Chill | Wednesday, January 23, 2013 at 02:19 AM