Mobile App Policy Violations – How Serious Is The Problem?

Mobile App Policy Violations – How Serious Is The Problem?

Mobile App Policy Violations – How Serious is the Problem?

The recent furore around SnapChat and its supposed policy violations has once again thrust the issue of mobile data privacy and security into the spotlight.

The Federal Trade Commission (FTC) recently levelled a long list of charges against the popular photo and video sharing app. The list included accusations that videos sent through Snapchat were easily accessible by plugging a phone into a computer, that users could preserve images by taking screenshots, that the app tracked the geo-location of Android users, and that numerous security flaws allowed attackers to easy access usernames and phone numbers.

CloudTweaks - Mobile

All of these accusations directly contradict the alleged features that have made SnapChat so popular; the app has grown its user-base on the understanding that sent media was a) private and b) would be deleted within a few seconds of being viewed.

For their part, SnapChat have not formally admitted culpability and used a recent blog post to claim that they “have resolved most of those concerns over the past year by improving the wording of [their] privacy policy, app description, and in-app just-in-time notifications” – adding that they remain committed to investing in security and counter-abuse measures.

SnapChat may be forgiven for initially underestimating how popular the app would become, and although the FTC’s judgement means SnapChat now faces twenty years of scrutiny, it is at least commendable that the company has addressed the concerns head-on.

Perhaps more importantly than the individual case of SnapChat, the revelations have raised wider concerns about which other mobile apps might be in breach of their purported terms and conditions.

Creating apps is becoming an increasingly accessible hobby for the masses, with the point-and-click nature of development meaning that people who have little skill in programming are now able to design content in a way that was previously impossible. It would be naïve to suggest that all these new developers have the necessary technical proficiency to insert the requisite privacy notices to alert users to the many potential privacy pitfalls that await them.

As the SnapChat case highlights, even skilled and knowledgeable developers struggle to correctly code multiple languages to fulfil their legal obligation for a comprehensive privacy protection policy. They can easily find themselves in trouble if their app uses or shares personal data, geo-locations, audio content, or video content without it being fully highlighted to a user.

SnapChat isn’t the first company to fall foul of the FTC. In 2011 the iOS social networking app ‘Path’ was charged with engaging in deceptive business practices by claiming in its privacy policy that it only collected information such as the user’s IP address, operating system, browser type and site activity when in reality they were collecting and storing information as diverse as users’ address books, phone numbers, email addresses, Facebook usernames, Twitter usernames, and dates of birth. The incident cost the developers a mammoth $800,000 in civil penalties.

A year later Delta Airlines found themselves in the crosshairs as the California attorney general opened proceedings over their app’s “non-existent privacy policy” with Justin Brookman (Director of Consumer Privacy at the Centre for Democracy and Technology) taking to Twitter to claim that the company could face up to $2.5 billion in penalties.

So what can be done? Governments around the world have long-since introduced legislation to try and combat the problem of opaque and difficult-to-understand privacy policies, but it is clear that with almost 2,000,000 apps across Apple’s and Google’s stores, monitoring and managing all of them is impossible.

There are also numerous courses and training programs that developers can attend, but again, it is unreasonable to expect casual ‘bedroom’ developers to go to such lengths for apps that they know might only be downloaded a handful of times, if at all.

It seems that at the moment the threat of fines, loss of revenue, and public embarrassment remains the best deterrent. It was reported that SnapChat turned down multi-billion dollar offers from both Facebook and Google in late 2013, offers that are unlikely to resurface now the brand has become significantly more toxic and users are slowly abandoning it. It should serve as a lesson to all budding developers.

By Daniel Price

About Daniel Price

Daniel is a Manchester-born UK native who has abandoned cold and wet Northern Europe and currently lives on the Caribbean coast of Mexico. A former Financial Consultant, he now balances his time between writing articles for several industry-leading tech (CloudTweaks.com & MakeUseOf.com), sports, and travel sites and looking after his three dogs.

Find out more
View All Articles

Sorry, comments are closed for this post.

Comic
Cloud Computing – The Good and the Bad

Cloud Computing – The Good and the Bad

The Cloud Movement Like it or not, cloud computing permeates many aspects of our lives, and it’s going to be a big part of our future in both business and personal spheres. The current and future possibilities of global access to files and data, remote working opportunities, improved storage structures, and greater solution distribution have…

The FTC, Data Privacy and Facebook

The FTC, Data Privacy and Facebook

Data Protection Facebook is in deep water over their recent decision to start harvesting phone numbers from one of the apps they own, called WhatsApp. WhatsApp is a mobile phone app that allows people to place long distance phone calls and send SMS messages for free. A complaint was filed with the Federal Trade Commission…

Three Tips To Simplify Governance, Risk And Compliance

Three Tips To Simplify Governance, Risk And Compliance

Governance, Risk and Compliance Businesses are under pressure to deliver against a backdrop of evolving regulations and security threats. In the face of such challenges they strive to perform better, be leaner, cut costs and be more efficient. Effective governance, risk and compliance (GRC) can help preserve the business’ corporate integrity and protect the brand,…

The Annual Compliance & Ethics Institute:  Hot Topics – Cyber Security, Big Data, Privacy Breach Response

The Annual Compliance & Ethics Institute: Hot Topics – Cyber Security, Big Data, Privacy Breach Response

Cyber Security, Big Data, Privacy Breach Response MINNEAPOLIS, Aug. 30, 2016 /PRNewswire-USNewswire/ — Cyber security, social media, modern slavery, anti-corruption, export controls and sanctions, and privacy top the list of “Hot Issues” compliance and ethics professionals face each day. These and many other compliance and ethics concerns will be addressed at the 2016 Compliance & Ethics…

Top 5 Digital Health Trends

Top 5 Digital Health Trends

Digital Health Trends It is very important to keep up with the changing technology. However, it is also just as important to advance the consumer experience, care delivery methods and create opportunities for career development for the healthcare workforce. Five trends that are proven to be effective in winning in the digital age have been…

Ending The Great Enterprise Disconnect

Ending The Great Enterprise Disconnect

Five Requirements for Supporting a Connected Workforce It used to be that enterprises dictated how workers spent their day: stuck in a cubicle, tied to an enterprise-mandated computer, an enterprise-mandated desk phone with mysterious buttons, and perhaps an enterprise-mandated mobile phone if they traveled. All that is history. Today, a modern workforce is dictating how…

Four Keys For Telecoms Competing In A Digital World

Four Keys For Telecoms Competing In A Digital World

Competing in a Digital World Telecoms, otherwise largely known as Communications Service Providers (CSPs), have traditionally made the lion’s share of their revenue from providing pipes and infrastructure. Now CSPs face increased competition, not so much from each other, but with digital service providers (DSPs) like Netflix, Google, Amazon, Facebook, and Apple, all of whom…

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

The 80-20 Rule For Security Practitioners  Everyday we learn about yet another egregious data security breach, exposure of customer data or misuse of data. It begs the question why in this 21st century, as a security industry we cannot seem to secure our most valuable data assets when technology has surpassed our expectations in other regards.…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Get Ready For Virtual Reality and the Cloud

Get Ready For Virtual Reality and the Cloud

Virtual Reality Cloud We’re lucky to live in an era where virtual reality is no longer relegated to the confines of a sci-fi movie universe. Thanks to technology introduced by products like Oculus Rift, consumers now have access to virtual environments with fully immersive graphic capabilities. As a result, companies have only just begun to…

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth The Internet of Things is the latest term to describe the interconnectivity of all our devices and home appliances. The goal of the internet of things is to create universal applications that are connected to all of the lights, TVs, door locks, air conditioning, and…

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

Ambitious Startups An oft-quoted statistic, 50% of new businesses fail within five years. And the culling of startups is even more dramatic, with an estimated nine out of ten folding. But to quote Steve Jobs, “I’m convinced that about half of what separates the successful entrepreneurs from the non-successful ones is pure perseverance.” So while…

5 Considerations You Need To Review Before Investing In Data Analytics

5 Considerations You Need To Review Before Investing In Data Analytics

Review Before Investing In Data Analytics Big data, when handled properly, can lead to big change. Companies in a wide variety of industries are partnering with data analytics companies to increase operational efficiency and make evidence-based business decisions. From Kraft Foods using business intelligence (BI) to cut customer satisfaction analysis time in half, to a…

Cloud Infographic: The Explosive Growth Of The Cloud

Cloud Infographic: The Explosive Growth Of The Cloud

The Explosive Growth Of The Cloud We’ve been covering cloud computing extensively over the past number of years on CloudTweaks and have truly enjoyed watching the adoption and growth of it. Many novices are still trying to wrap their mind around what the cloud it is and what it does, while others such as thought…

4 Different Types of Attacks – Understanding the “Insider Threat”

4 Different Types of Attacks – Understanding the “Insider Threat”

Understanding the “Insider Threat”  The revelations that last month’s Sony hack was likely caused by a disgruntled former employee have put a renewed spotlight on the insider threat. The insider threat first received attention after Edward Snowden began to release all sorts of confidential information regarding national security. While many called him a hero, what…

Big Data – Top Critical Technology Trend For The Next Five Years

Big Data – Top Critical Technology Trend For The Next Five Years

Big Data Future Today’s organizations should become more collaborative, virtual, adaptive, and agile in order to be successful in complex business world. They should be able to respond to changes and market needs. Many organizations found that the valuable data they possess and how they use it can make them different than others. In fact,…