The main legal issues behind an app are as followsÂ
1. Lack of transparency from the developer.
2. Lack of awareness from the user.
3. Complete lack of security.
4. Far too easy to enter in to contractually binding relations,ie Too easy to provide consent.
5. Complete lack of concern over data protection.
Â To be frank I am sure the vast majority of app developers have never bothered to take/seek legal advice.
Where are we with the law?
The relevant legal foundation is the Data Protection Directive (95/46/EC) and the specific consent requirement for storing and retrieving information on and from a device under Article 5(3) of the ePrivacy Directive (2002/58/EC). The latter directive has not been introduced in to the UK save for the implementation ofÂ Article 5(3) into national law.- ie the ‘ I accept Cookies’Â regulation. But we are dodo quiet when it comes to apps.
The EU’s working party back in April did seek to focusÂ onÂ consent, transparency, purpose limitation, data minimisation, security, retention and fair processing, particularly concerning children. The following app players were identified:-
1.Â App developers.
2. App stores.
3. The operatingÂ system (OS).
4. Device manufacturers.
5. Third partiesÂ such as analytics providers and advertising networks.
However the working party concludedÂ that the key protagonistsÂ must provide for:-
1.Â FreelyÂ given, specific and informed consent before any app is installed.
2. Specific consent to be provided for each category of data the app will access.
3. Specific defined data processing purposes and a prohibition of ‘we shall process your data forÂ marketingÂ purposes”.Â Â
5. A prohibition from refraining from processing children’s data for behavioural advertising purposes.
6.Â App developers, andÂ OS and device manufacturers as well asÂ app stores must ensure that customers/users are adequately informed.
It is amazing to think that as Apps become such an important part of all our lives that there is little specific legal guidance save for relying on existing legal protection.
I would expect new regulations to be introduced within 12 months