The concern about privacy, especially in the digital age, has been around for a while. It’s what led to compliance requirements like HIPAA. But it’s amazing what a few high-profile incidents (Facebook and Cambridge Analytica) and high-profile regulations (GDPR) can do to make data privacy a front-of-the-line issue. Other countries are jumping onto the data privacy legislation bandwagon, as are an increasing number of states. And now we’re seeing data privacy become a higher priority for individual businesses.
In June, Apple announced that it will add a data privacy policy for apps and app updates, effective October 3. Although the official news from Apple states that this policy is for new apps, I did note that other announcements and articles about the privacy policy will apply to all apps offered through the App Store. I hope that is the case because apps are a serious privacy weak spot.
We know that apps gather all sorts of information from your device, all of which you essentially agree to the moment you hit the install button. Tech.co pointed out some of the worst offenders for data gathering. You might be willing to put up with an app using your personal data for dating and social media sites, but for a flashlight app? But yes, it was found that at least one flashlight app was not only using your personal information taken from your phone, but also selling it. (Luckily, newer phones have built-in flashlight functions, and when I noticed that on my new phone, my old flashlight app was quickly uninstalled. But probably not before damage had been unknowingly done.)
With that in mind, I hope Apple is taking into consideration those older apps that may not be updated in the near future. After all, Apple has long prided itself on being a leader in privacy and security, and as some reported, this update is long overdue.
Apple’s new policy will require app developers to share how data is collected and how that data is used. And the policy only applies to applications, not to Apple itself because iPhones alone collect a lot of information and as USA Today stated:
The company does admit that it freely collects information about what music we listen to, what movies, books and apps we download, which is “aggregated” and used to help Apple make recommendations. Apple says it doesn’t share this information with outside companies, either and notes that it doesn’t know the identity of the user.
Another point to note here is that the new privacy regulation may not be as much to protect users but to protect Apple, as TechCrunch noted:
Apple’s new requirement, therefore, provides the company with a layer of protection – any app that falls through the cracks going forward will be able to be held accountable by way of its own privacy policy and the statements it contains.
But it’s a step in the right direction. The push for data privacy has to be a joint effort between government and business, and when one entity isn’t doing enough, it’s good to see another step up.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom’s Guide. You can reach Sue via Twitter: @sueporemba