The main legal issues behind an app are as follows
1. Lack of transparency from the developer.
2. Lack of awareness from the user.
3. Complete lack of security.
4. Far too easy to enter in to contractually binding relations,ie Too easy to provide consent.
5. Complete lack of concern over data protection.
To be frank I am sure the vast majority of app developers have never bothered to take/seek legal advice.
Where are we with the law?
The relevant legal foundation is the Data Protection Directive (95/46/EC) and the specific consent requirement for storing and retrieving information on and from a device under Article 5(3) of the ePrivacy Directive (2002/58/EC). The latter directive has not been introduced in to the UK save for the implementation of Article 5(3) into national law.- ie the ‘ I accept Cookies’ regulation. But we are dodo quiet when it comes to apps.
The EU’s working party back in April did seek to focus on consent, transparency, purpose limitation, data minimisation, security, retention and fair processing, particularly concerning children. The following app players were identified:-
1. App developers.
2. App stores.
3. The operating system (OS).
4. Device manufacturers.
5. Third parties such as analytics providers and advertising networks.
However the working party concluded that the key protagonists must provide for:-
1. Freely given, specific and informed consent before any app is installed.
2. Specific consent to be provided for each category of data the app will access.
3. Specific defined data processing purposes and a prohibition of ‘we shall process your data for marketing purposes”.
5. A prohibition from refraining from processing children’s data for behavioural advertising purposes.
6. App developers, and OS and device manufacturers as well as app stores must ensure that customers/users are adequately informed.
It is amazing to think that as Apps become such an important part of all our lives that there is little specific legal guidance save for relying on existing legal protection.
I would expect new regulations to be introduced within 12 months