(25 November 2014) The Office of the Privacy Commissioner for Personal Data ("PCPD") published today "Best Practice Guide for Mobile App Development" ("the Guide") to assist mobile app developers in building privacy-friendly apps.
"Mobile devices are ubiquitous and have transformed business operations and our lives", Privacy Commissioner for Personal Data Mr Allan Chiang commented. "With all they contain and all they may reveal, they hold for many people the privacies of life. With a few clicks, the intimate details held in your phone – photos, past locations, political opinions expressed in emails – may be transmitted to and forever memorised on the Internet. Safeguarding privacy in the use of these devices is therefore imperative and one major player who must live up to this responsibility is the mobile app developers."
The issue of the Guide is triggered by the revelations in a survey conducted by the PCPD of 60 local smartphone apps in May 2013,1 that their transparency in terms of privacy policy was generally inadequate. Specifically, it was found that only 60% of the apps provided Privacy Policy Statements ("PPS") and most of them did not explain what smartphone data they would access and the purposes for the access. These findings have prompted PCPD to embark on an intensive education programme to help mobile app developers to understand and comply with their legal obligations under the Personal Data (Privacy) Ordinance (the "Ordinance").
The compilation of the Guide has benefitted from the experience the PCPD has accumulated by conducting a total of seven seminars with mobile app developers in the past year and the valuable input made by the Hong Kong Wireless Technology Industry Association.
The Guide is especially tailored for small-to-medium enterprises (SMEs) which may not have sufficient resources to establish their own comprehensive app development guide. It provides an easy-to-understand overview of the legal requirements and the Privacy by Design approach in developing products and services. Adopting a comprehensive checklist, it draws the attention of the app developers all the factors that need to be considered in building a privacy-friendly app. It also recommends a set of best practices that would enable the app developers to distinguish themselves from the crowd by gaining enhanced trust from the end-users.
The Guide should be read by app developers and those who commission their work, as well as those who provide codes to app developers for added features, including advertising networks and analytics tool providers.
The Guide can be downloaded from the website of the PCPD at www.pcpd.org.hk/english/publications/files/Mobileapp_guide_e.pdf or obtained at PCPD’s office at 12/F., Sunlight Tower, 248 Queen’s Road East, Wan Chai, Hong Kong.
- End -
1 See media statement: Inadequate Transparency in Privacy Policy for Local Smartphone Applications (www.pcpd.org.hk/english/infocentre/press_20130813b.htm)