Privacy commissioner steps up input on app development

Privacy commissioner steps up input on app development | Insurance Business

Privacy commissioner steps up input on app development
The Office of the NZ Privacy Commissioner is calling on app marketplaces to make it mandatory for mobile app developers to post links to privacy policies prior to download if they’re going to collect personal information.

The directive affects insurers with apps in development and existing apps available on platforms such as Google Play and the App Store.

And with more and more insurance companies embracing digital channels, the topic is growing increasingly relevant.

A spokesman for the New Zealand Privacy Commissioner, Charles Mabbett, said considerable work had been done to help those businesses and agencies that make and use mobile applications understand their obligations under the current Privacy Act.

Last year it launched its ‘Need to Know or Nice to Have’ guidance which urged developers to get away from legalese and communicate through plain English with a privacy policy which is applied through the design process from start to finish.

Now, New Zealand’s privacy authority has joined 22 overseas privacy enforcement partners to raise the issue in an open letter to the operators of seven app marketplaces.

“Having privacy information prior to download is critical as it allows individuals to decide whether they are comfortable with the collection, use and disclosure of their personal information before the app is even on their device,” the Office of the NZ Privacy Commissioner said.

“Without this information, it is difficult for individuals to provide meaningful consent, the privacy regulators said.

The joint recommendation followed a mobile app privacy sweep by the Global Privacy Enforcement Network (GPEN) that found many popular mobile apps were seeking access to large amounts of personal information without adequately explaining how that information would be used.

The Office of the NZ Privacy Commissioner, along with overseas partners, examined over one thousand mobile apps and found a startling 85% of them failed to clearly explain how they would collect, use and disclose personal information.

One insurer, IAG, told Insurance Business they took their privacy obligations very seriously.

An IAG spokesperson in Corporate Communications said the company was committed to growing its digital services, particularly within its State and AMI brands, since customers have told them this is the channel they most prefer doing business with them in.

“As we work to expand in the digital space, we continue to take any concerns and recommendations raised by the NZ Privacy Commissioner, and the protection of our customers’ privacy, very seriously.

“As such, we are reviewing the recent guidance provided by the NZ Privacy Commissioner in this area to understand how it impacts our existing apps and processes and to see if our listings on the App Store and Google Play require updating.”