An analysis by SafeDK has found that 55% of mobile apps may infringe upon users’ privacy when new regulations come into effect later this year.
Their investigation concerned the use of software development kits (SDKs) in mobile apps.
The European Union’s General Data Protection Regulation, coming into effect on the 25th of May, will give users more control over their personal data.
Google Play is also set to bring in new, similar requirements for apps listed on its marketplace.
Apps which access a user’s location, contact list or information about other software on the phone using SDKs are extremely common, and under certain circumstances they may breach the new set of rules.
Third party SDKs working through an app and accessing a user’s location without their knowledge are particularly likely to be problematised by the new legislation.
There is a concern that third party code can act as a fully integrated ‘black box’ within another app, and that sensitive information (e.g. about underage users) could be collected without explicit user consent.
Venturebeat reports that “(…) after May 25, the EU will require that users must be made aware that the information is taken or passed to third parties, they have the right to be “forgotten” (having all personal details deleted from servers), and more. Any violation could result in extremely high fines.
“Google also said it will start enforcing stricter regulations about private user data access. Starting in February, apps must only access information integral to their core functionality or provide information about the data being taken.”
Read more here.