The Privacy Commissioner’s Office will be participating in the second Global Privacy Enforcement Network (GPEN) mobile sweep next week, surveying commonly used New Zealand apps, as well as overseas apps.
This year, 27 privacy enforcement authorities are participating in the sweep – up from 19 in 2013. Each participating country will check for any privacy issues emerging in a variety of mobile applications. GPEN was established to foster cross-border cooperation among privacy authorities.
Mobile apps, many of which collect a great deal of personal information, have been identified as a key area of focus in light of the privacy implications for consumers.
Some of the privacy concerns that have emerged include:
- whether consumers are clearly informed about the types of personal information an app collects and uses
- why that data is needed, and
- collection of information beyond what is needed for an app function.
During sweep week, participants will review some of the most popular apps as well as apps of particular interest to their jurisdiction. For example, some participants plan to focus on health-related apps or apps developed by public sector organisations.
Among other things, sweep participants will be looking at:
- the types of permissions an app is seeking
- whether those permissions are reasonable in terms of the app’s functionality
- whether the app explains why it wants the personal information, and
- what the app will do with the information.
The goals of the Sweep include increasing public and business awareness of privacy rights and responsibilities and identifying specific concerns so that they may be addressed with targeted education and/or enforcement.
The global results of this year’s Sweep will be made public by September 2014.
Participants in the 2014 Sweep
Office of the Australian Information Commissioner
Office of the Victorian Privacy Commissioner
Privacy Commission of Belgium
The Office of the Information and Privacy Commissioner of Alberta
Office of the Information and Privacy Commissioner for British Columbia
Office of the Privacy Commissioner of Canada
Office of the Privacy Commissioner for Personal Data, Hong Kong SAR
Office for Personal Data Protection, Macao SAR
Superintendence of Industry and Commerce of Colombia
Estonian Data Protection Inspectorate
Office of the Data Protection Ombudsman
Commission Nationale de l'Informatique et des Libertés
Commissioner for Data Protection Baden-Württemberg
Data Protection Supervisory Authority of Bavaria
Berlin Data Protection Commission
Federal Commissioner for Data Protection and Freedom of Information
Data Protection Commissioner of Hessen
Gibraltar Regulatory Authority
National Authority for Data Protection and Freedom of Information
Office of the Data Protection Commissioner of Ireland
The Israeli Law, Information and Technology Authority (ILITA)
Italian Data Protection Authority
Federal Institute for Access to Information and Data Protection
Office of the Privacy Commissioner
Norwegian Data Protection Authority
Spanish Data Protection Authority
The Information Commissioner's Office
Information about the Global Privacy Enforcement Network (GPEN) can be found here: https://www.privacyenforcement.net/.
A pdf copy of this media advisory is available here [PDF, 455 KB].
For further information contact: Charles Mabbett 021 509 735
Note for Editors
2013 Sweep Highlights
The theme of the first Privacy Sweep 2013 was Privacy Practice Transparency, and highlighted shortcomings in how some organisations provide online information about their privacy practices.