ICO Says Mobile Apps Demand Too Much Information

The Information Commissioner’s Office (ICO) says the majority of the most popular smartphone applications fail to explain how they are using users’ data and many demand access to far more information than they need to function.

The UK’s privacy watchdog was participating in a survey by the Global Privacy Enforcement Network (GPEN), which invited 26 such regulators to investigate 1,211 apps. The ICO examined the UK’s 50 top mobile applications.

GPEN’s survey found that 85 percent failed to clearly explain how they were using, collecting and disclosing personal information, with more than half unable to provide basic privacy information and 43 percent did not tailor such details in a format suited for smartphones, either using small text or hiding it in lengthy policies.

Privacy hungry applications

The survey also found that one in three apps appeared to request excessive permissions so they could access more personal details.

“Apps are becoming central to our lives, so it is important we understand how they work and what they are doing with our information,” says Simon Rice, group manager for technology at the ICO. “Today’s results show that many app developers are still failing to provide this information in a way that is clear and understandable to the average consumer.”

The survey did find some examples of good practice, with some apps providing basic information to how data is being used and providing links to more information if requested. Other applications also provided notifications that informed users when the potential collection of data was about to happen.

However, the regulators say more needs to be done to encourage better privacy protection, adding that 49 percent of people haven’t downloaded an app because of privacy concerns.

More must be done

“The ICO and the other GPEN members will be writing out to those developers where there is clear room for improvement,” adds Rice. “We will also be publishing guidance to explain the steps people can take to help protect their information when using mobile apps.”

Anderson Cheng, CEO of SRD Wireless, the creator of privacy-focused application PQChat says excessive data collection is a problem because many apps are set up to make money first and provide a service second, with the industry assuming users have no control over their data.

“The issue is that many apps not only store a huge amount of data on their users in the first place, but then share that with other applications or use it in ways that simply aren’t secure,” he explains. “All of this can turn individuals’ personal information into a goldmine for identity thieves, spammers and others: as even with the best of intentions, app developers and operators can always fall victim to data breaches and attacks that spill the data of thousands or even millions of individuals.

“Also remember you are not always the target, you have all your contacts’ data as well and sometimes it is yours friends and family that ID thieves are after.

“This is exacerbated by the fact that, since their business models revolve around user data, many apps store far more information than they need. For instance, a simple communication app should only need your user ID and contact number. If it then demands access to your date of birth, contacts list and other information it is increasing the risk that others will gain access to your data, as well as that of your friends and family.”

He suggests users reject applications that cannot guarantee they are only storing the minimum amount of data required.

How much do you know about online security? Take out quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

2 mins ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

2 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

17 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

19 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

21 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

22 hours ago