Categories: Developers / Mobile Apps
Historically users have deleted mobile apps for things like battery drain, bugs or lacking UX. But increasingly privacy is on app users’ minds.
And with good reason. The news has been full of stories about compromised data, digital surveillance and eerie tech company overreach.
Why mobile apps are giving us the privacy heebies
Take social fitness app Strava, whose heat maps accidentally gave away the locations of top-secret military databases.
And Chinese messaging app WeChat, which came under fire in Australia after concerns about spying and surveillance.
With WeChat receiving an impressive 0/100 security score from Amnesty International due to its lack of end-to-end encryption, it’s not hard to see why.
Or digital assistant app Fin, which uses a mix of AI and human brainpower to manage your day-to-day tasks. It’s quick, efficient and useful – but also involves giving permission to a stranger to read your emails.
Or perhaps Citizen – originally called Vigilante – which provides crowd-sourced data on neighborhood crime. The app is meant to add transparency to law enforcement. But in the wrong hands it may spread misinformation, or worse.
Loss of privacy is the cost of convenience
AT&T recently rolled out a “free” Google Fiber competitor in a town in Kansas. The catch? You had to hand over all of your browsing and search history.
As the saying goes, if the product is free, you are the product. Users are basically “paying” for convenience with their own personal data. Want those Snapchat filters? You need to enable location services. Want to scan a check? You need to allow access to your camera. Need directions? Now your phone knows where you live and work…and where, when and how you travel.
The more an app tries to do, the more information it demands. Location data, metadata, email data, social data and banking information are all par for the course. And as personalization and real-time responsiveness become the norm for mobile apps, it’s essential that our handle on privacy keeps up with the tech.
Because once we’ve given up that privacy, there’s no getting it back.
How can mobile app developers do better?
By building privacy into our apps from the ground up. Thanks to Europe’s GDPR data protection overhaul, that’s about to become a lot easier – and a lot more widespread.
Althong with data protection standards, the GDPR includes a framework known as Privacy by Design (PbD). Though not new, it’s only now becoming a widespread standard.
The PbD approach involves thinking about and addressing privacy issues before you start coding. It’s the “prevention is better than cure” mindset applied to privacy.
PbD takes a proactive approach to privacy, where privacy is the default setting. It embeds privacy into design and makes it visible and transparent. It aims to be user-centric, provide end-to-end lifecycle protection and “positive sum”. That is, privacy should work alongside things like security and usability.
Using PbD, developers of mobile apps will have to be conscious of how and why they collection personal data, along with how that data is shared and stored. They’ll also need to reconsider things like social media log-ins and third-party data sharing – and what happens to old data and deleted accounts.
It won’t cure our privacy woes, but it will give us a roadmap for doing right by users – and their privacy.