Smartphones are our banks, shopping centres and entertainment. They’re also the gateway to our personal lives and information.
And just one thing allows software applications (apps) to get hold of our personal information; our approval.
By downloading a variety of apps – from a personal budgeting app to gaming apps – you, the user, have clicked “allow access” to your location. You’ve probably not even read the terms and conditions you’ve automatically ticked.
According to Sri Madhisetty, lecturer and part of the team behind the Magic Lab at Sydney’s University of Technology, mobile users are forced to trust and agree to terms and conditions when downloading an app – even if they don’t understand them.
“The concept of consent is not very clear”, he told Hatch. “There is a lack of awareness… about the dangers that can happen.”
There are actually three major parties with a vested interest in your personal information; app developers, government policy-makers and third-party software developers.
App privacy policies frequently refer to “personal information.” The Office of the Australian Information Commissioner defines this as: “information or an opinion about an identified individual, or an individual who is reasonably identifiable.”
Examples include name, signature, address, telephone number, date of birth, medical records, bank account details, employment details and commentary or opinion about a person.
There is also “non-personal information” which does not identify the user.
This information is collected during the use of an app and is explained in privacy policies as being necessary “to improve product, services and content”.
“display user privacy settings with a tool that allows users to tighten their settings. The tool should be easy and straightforward to use.”
The timing of user notice and consent is critical.
Only collect personal information that your app needs to function.
“Don’t collect personal information just because you believe it may be useful in the future.”
Secure what you collect
Now knowing these essential steps, are we seeing them in the mobile apps we’re downloading?
Mobile apps developers
This is an example of “non-personal information” being gathered by an app through a third party .
But when you download Snake Tales and Zap Ba there’s no prompt to tell the user of this information is collected. It goes straight to the game.
When this information is collected, Moneysoft, also advises that your personal information “may” be disclosed to others: “Agents and contractors who supply services to us (e.g. companies that send emails, external data storage providers and marketing firms).”
Sri Madhisetty says consumers need to be see a clear privacy framework if they’re to trust developers.
“Control has to be happening at the phone side… build trust, up front,” he said.
“The [information] has to be given very clearly to the consumer of what third-party means.”
At this point, there is another question users need to ask. What does the software developer do with the data collected?
deliver marketing materials on [our] behalf and for other third parties, that [they] believe are relevant to you.”
This means they aim to collect data for marketing purposes, to then target the user with specifically tailored advertisements.