Situation

Appropriate Steps

Developing

mobile apps

• deploy privacy by design approach to

determine whether and what types of data

should be accessed, collected, stored, shared

and/or disclosed, and to provide transparent

privacy policies to app users

• use reliable and/or official versions of software

development tools to guard against Trojan

horses or backdoors for accessing the mobile

device information by third parties

• follow the industry’s best practice in secure

coding to ensure its robustness; perform code

review and testing of the mobile apps before

launching them to check for bugs and any

unintended access to information inconsistent

with the design specifications

• properly encrypt all information transmitted to

and from the mobile apps to avoid

interception

• protect all information stored in back-end

servers by access control and encryption

• keep abreast of the latest changes and

development of the mobile operating systems

that may affect how apps behave