The guidelines make it clear that mobile app developers are
responsible for all personal information handled by the app. As a
first step to compliance, the mobile app developers should map out
information flows, identify risks, and put controls in place (such
as contracts and user agreements) to ensure third parties respect
privacy obligations. Mobile app developers should also:
Be transparent about their information handling practices, and
describes the practices.
continues to accurately describe what is actually happening.
Distribute updates of the app with notices of associated
changes in information handling practices, and allow the user to
refuse the update.
Limit collection of information to what is needed now and allow
users to opt out of collection of information for additional,
Use encryption when storing and transmitting data.
Mobile app users should be notified of information handling
practices (i) when they download the app, (ii) when they first use
the app, and (iii) throughout their app experience. Mobile app
developers need to be creative and thoughtful to try to capture
users' attention, without causing notice fatigue.
The guidelines recognize the challenges to obtaining meaningful
consent on the small screen, and suggest a number of strategies,
layering privacy information, placing important points up front
and providing links to more detailed explanations;
using a privacy dashboard that displays a user's privacy
settings and provides a convenient means of changing them;
using visual cues and symbols such as graphics, colour, and
sound as cues to draw user attention to what is happening with
their personal information, the reasons for it, and choices
available to the user.
Further guidance on obtaining meaningful consent to computer
programs that impact on user's privacy may be found in the
Canadian Radio-television and Telecommunications Commission's
(CRTC) guidelines on complying with Canada's anti-spam
Lastly, the guidelines state that if a user deletes the app, then
their information should also be deleted.
In the U.S., the Federal Trade Commission (FTC) has also
introduced guidelines for mobile app developers, which address
truth-in-advertising, as well as privacy issues.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Join Bereskin & Parr partners Susan Keri and Terry Edwards on Wednesday, May 3rd, 2017 for an in-depth discussion with prominent lawyers from the EU and UK about trademark issues for Canadian businesses doing or planning to do business in Europe.
Employee turnover is an unavoidable reality for nearly all businesses. In addition to creating a number of financial and logistical difficulties, employee turnover also raises a number data security issues.
The Office of the Privacy Commissioner of Canada has ruled that the collection and use of a plaintiff's personal information for the purpose of defending against a civil lawsuit is not a "commercial activity" and, ...
While corporate executives are increasingly becoming aware of their obligation to be informed of cybersecurity threats and the steps being taken by their company to prevent data breaches, it is equally important for executives to ensure that the employees are educated with respect to cyber threats.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).