Apps downloadable to mobile devices are subject to the European Union's Privacy and Electronic Communications Regulations, according to deputy commissioner David Smith, and the Information Commissioner's Office (ICO) will be examining them closely to monitor compliance.
The laws, which came into force in May 2011, regulate the use of data, such as cookies, planted on PCs and other devices. Rather than prohibiting them, it requires that users provide informed consent. This will necessitate informing web users that cookies are used, what they do, and offering the user the option not to have those cookies downloaded to their device.
"Apps are one of the items on our list," warned Smith. "It's quite clear that if someone is storing something on a device, or accessing information that is already stored on a device, one of the issues might be the form of consent when an app is downloaded.
"We've all downloaded an app and clicked ‘okay', but how informed are we? How do they get messages across? How do they say, ‘did you know this app is going to access your phone ID and your location?'" said Smith.
He added: "There are wider issues around apps and privacy, of which this is a part, but that's something that we are looking to deal with in the future."
Smith was speaking as the first year that the new regulations have been in operation draws to a close on 26 May. During this period, the ICO has adopted a softly, softly approach in which it has issued guidance and advice to businesses, appreciating that it might not be a straightforward process for many organisations to make the desired changes straightaway.
At the moment, the focus of the ICO is on cookies. The Commissioner will write to a top-50 list of websites in the UK in the next week to ascertain their compliance with the new regulations.
While Smith did not name any of the organisations that the ICO will be writing to, they will almost certainly include all the major media websites, such as Telegraph.co.uk, Dailymail.co.uk and Guardian.co.uk, as well as the operators of the government's big departmental websites – many of which are not yet compliant with the new law.
[Turn to next page]
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy