Story image

How to build user trust in your business mobile apps...

10 Jul 14

The Privacy Commissioner has released a new resource for businesses and app developers to help them understand their legal obligations under the Privacy Act when collecting personal information through mobile apps.

Apps can gather large amounts of information about their users but some don’t explain clearly what information they collect and for what purpose.

Over 64 percent of New Zealanders own a smartphone and worryingly, in a recent NetSafe survey, 75 percent said there was nothing sensitive stored on their device.

While consumers may assume that established, trusted businesses will develop trustworthy apps, the Commissioner insists this is not necessarily the case.

It is important that agencies, businesses and app developers know that it is unlawful to collect more information than is necessary and that consumers are informed about the permissions they agree to when they download an app.

The New Zealand Privacy Commissioner’s Need to Know or Nice to Have guidance is now available and designed to help businesses build user trust and loyalty through good privacy practices.

"When apps don’t convey basic information about what the business is collecting personal information for, it’s difficult for people to feel confident that their information is being looked after," the report says.

In May, the Privacy Commissioner’s Office joined 27 overseas privacy enforcement authorities from the Global Enforcement Network (GPEN) in carrying out a survey of commonly used apps. As well as international apps, we surveyed a number of New Zealand ones.

The New Zealand results showed that only 50 percent of the apps examined had a link to their privacy policies available on the marketplace listing. Once they were installed on a device, 64 percent did not display or have any link to a privacy policy within the app itself.

While the overall international results are still being compiled, our results show that not enough information is being provided to users about how an app accesses and uses their personal information.

That’s why we’re making available out Need to Know or Nice to Have guidance for businesses and mobile app developers.

This comprehensive app privacy resource is based on five simple concepts:

1. Make a plan and spot the risks

2. When a user makes a decision to download your app, be there with the right information

3. ‘Nice to know’ does not mean ‘need to know’

4. Invest some time working out how to make privacy clear and relevant to your users

5. Providing information in real time is as important as being up front in advance.

The Need to Know or Nice to Have guidance is now available at www.privacy.org.nz.

Silver Peak hits big four with Google Cloud agreement
Silver Peak is the only SD-WAN vendor to partner with all four leading public cloud providers – Amazon, Google, Microsoft and Oracle.
Comms providers hit by most DDoS attacks in Q3 2018
New data indicates attackers preyed on the large attack surface of ASN-level communications service providers with a ‘bit-and-piece’ approach.
MNF Enterprise brings calling to MS Teams
Businesses can now use Microsoft Teams for local and international phone calling from their computer or device.
Survey reveals CX disconnect is risky business
Too much conversation and too little action could lead companies to neglect, lose, and repel their very lifeblood, according to Dimension Data.
Should AI technology determine the necessity for cyber attack responses?
Fujitsu has developed an AI that supposedly automatically determines whether action needs to be taken in response to a cyber attack.
Police making progress into Cryptopia breach
New Zealand Police say they are making ‘good progress’ into the investigation of an alleged cryptocurrency theft from Christchurch-based crypto exchange Cryptopia.
NEC concludes wireless transport SDN proof of concept
"Operation and management of 5G networks are very complicated and require automation and closed-loop control with timely data refinement and quick action."
Trend Micro’s telecom security solution certified as VMware-ready
Certification by VMware allows communications service providers who prefer or have already adopted VMware vCloud NFV to add network security services from Trend Micro.