In Australia, the Office of the Australian Information Commissioner requires smartphone app developers to embed privacy policies into their products and services. Application developers must comply with Australian Privacy Law and the Australian Privacy Principles (APPs) guidelines. Just like website privacy policies, it is important to integrate good privacy protections into your day-to-day business practice, including mobile apps.
Any information collected by an app must be protected. This includes IP addresses, Unique Device Identifiers (UDIDs), contact lists, location information and photographs. There are stricter obligations for private sector health service providers, businesses that sell or purchase personal information and credit reporting bodies. It is paramount that developers build privacy by design (PBD) into the way they develop apps and handle information. By complying with the Privacy Act, this can also reduce compliance costs for business. The APPs require that you only collect the personal information that is necessary.
As smartphone apps generally appear on smaller screens, it is important to select the right strategy in conveying privacy policies. For example, short form notices with important points up front and links to more detailed explanations can be more helpful. Otherwise, a privacy dashboard that displays a user’s privacy settings and provides a convenient means of changing them can assist users on smaller screens.
Securing and Deleting App Data