85% of mobile apps don't provide basic privacy information, says survey: What One Thing you can do to protect your Android, iOS devices from data breach

By

Following Apple's iCloud hacking incident and its relation to the Find My iPhone app, there has been much scrutiny over the security of mobile apps across different platforms. Multiple reports have said that a news release provided by the Information Commissioner's Office of the United Kingdom revealed that 85% of mobile applications fail to explain how they use information the apps collect from its users. The survey was conducted by the Global Privacy Enforcement Network (GPEN), a member of the Information Commissioner's Office.

According to a release from the Office of the Privacy Commissioner of Canada, which also reported on the findings, said that the survey, also known as the Global Privacy Enforcement Network Sweep, involved having 26 privacy enforcement authorities from 19 different countries downloading 1,211 global apps to study their privacy policies. Each country also conducted a study of local apps varying in number. The results of the survey reveal that 85% of global apps do not provide adequate explanations to their collection, use and disclosure of users' personal information. 59% of users had a difficult time finding basic privacy information provided by the apps. 43% of apps do not provide privacy policies tailored to mobile devices, making it difficult for users to read and access their privacy information. 30% of global apps did not provide any privacy information at all. Finally, one out of three apps request access to more personal information than their app actually requires, and ask for way too many permissions.

Gartner research shows that around 75% of mobile security breaches stems from misconfiguration of mobile apps. Gartner principal analyst Dionisio Zumerte shares, "Mobile security breaches are - and will continue to be - the result of misconfiguration and misuse on an app level, rather than the outcome of deeply technical attacks on mobile devices."

Zumerte said that breaches happen when devices have been altered at an administrative level. Calling into mind upcoming Android L and iOS 8 devices, he mentioned, "The most obvious platform compromises of this nature are 'jailbreaking' on iOS or 'rooting' on Android devices. They escalate the user's privileges on the device, effectively turning a user into an administrator."

Simon Rice, Group Manager for Technology, said about the study, "Today's results show that many ap developers are still failing to provide this information in a way that is clear and understandable to the average consumer."

Rice added that the ICO and the GPEN will be contacting the concerned app developers to inform them of improvements they can make regarding their privacy policies. Rice also stated that they will be publishing guidelines for users to protect their private information. BBC has stated that the ICO already has previously published a guideline for app developers to follow.

BBC quoted Dr. Steve Murdoch, a researcher at University College London, who said that the report was "sadly not surprising." The Guardian has a similar view, and said that the long list of permission requests are "becoming increasingly common." The British tabloid noted that just last August, the issue of privacy and excessive permissions was raised when Facebook switched their messaging functionality entirely to their Messenger app, which had privacy and permission issues.

Tags
Google Android, Android, Apple ios

© 2024 VCPOST.com All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics