Embed Privacy by Design to build trust in mobile applications

The smartphones of today are used every day for different purposes, including entertainment, health tracking, shopping and work. According to Statista, the global mobile apps market generated $318 billion USD in revenue, with 218 billion mobile apps downloaded globally in 2020.

Nevertheless, trust is difficult to gain and easy to lose in the digital age. Numerous breaches related to mobile apps have been reported, including Babylon Health, Flo, LINE and Indonesia’s Contact Tracing App. For mobile application developers, this presents a unique challenge: what can they do to create an application that combines functionality, appeal and allows users to feel that they can trust it?

Get a better understanding of how to implement Privacy by Design (PbD) and conduct Data Protection Impact Assessments (DPIA) by attending the course here.

Risks associated with mobile apps 

There are various risks as part of the operations of the mobile application. Throughout the day-to-day operations of a mobile application, data passes through the organisation in four stages: collection, usage/processing, disclosure/transfer, and storage/retention.

Here are a few risks that developers should be aware of when developing mobile applications:

Find out more on how to mitigate risks in the collection, usage/processing, disclosure/transfer and storage/retention of data stages and develop an effective Data Protection Management Programme in our course here.

Watch the video below to learn more about mobile apps, as well as, the privacy, systems and processing risks involved.

What should you do when developing mobile applications?

It is vital to consider Privacy-by-Design principles at each stage of the development and design process of the new mobile application. The Privacy-by-Design concept incorporates privacy into the design of business processes, network infrastructure and information technology systems proactively.

The seven principles are:

A typical software development life cycle starts with:

The ongoing consumer concern over privacy requires companies to move away from simply complying with regulatory requirements and to make privacy their default operating model. Hence, it is crucial to note that privacy by design is not intended to restrict developers and organisations in the development process, rather to empower them to create products and services that are trustworthy and provide consumers with a great experience.

In today's highly competitive market, organisations and developers that demonstrate accountability and transparency will gain an edge over their competitors. 

Find out how to spot and manage your intrusive mobile apps here. To learn the practical application of Privacy by Design (PbD) and conduct Data Protection Impact Assessments (DPIA) and gain operational knowledge in data protection and information security, consider the advanced certificate programme here.

Article by: Steffi Tay (GRCP), edited by Edwin Concepcion (FIP, CIPM, CIPT, CIPP/E, CIPP/US)

The views and opinions expressed in this article are those of the author and do not necessarily reflect the official view or position of DPEX Network. This article was originally published on 27 October 2021.