Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

The Privacy Commissioner’s Office will be participating in the second Global Privacy Enforcement Network (GPEN) mobile sweep next week, surveying commonly used New Zealand apps, as well as overseas apps.

This year, 27 privacy enforcement authorities are participating in the sweep – up from 19 in 2013. Each participating country will check for any privacy issues emerging in a variety of mobile applications. GPEN was established to foster cross-border cooperation among privacy authorities.

Mobile apps, many of which collect a great deal of personal information, have been identified as a key area of focus in light of the privacy implications for consumers.

Some of the privacy concerns that have emerged include:

  • whether consumers are clearly informed about the types of personal information an app collects and uses
  • why that data is needed, and
  • collection of information beyond what is needed for an app function.

During sweep week, participants will review some of the most popular apps as well as apps of particular interest to their jurisdiction.  For example, some participants plan to focus on health-related apps or apps developed by public sector organisations.

Among other things, sweep participants will be looking at:

  • the types of permissions an app is seeking
  • whether those permissions are reasonable in terms of the app’s functionality
  • whether the app explains why it wants the personal information, and
  • what the app will do with the information.

The goals of the Sweep include increasing public and business awareness of privacy rights and responsibilities and identifying specific concerns so that they may be addressed with targeted education and/or enforcement.

The global results of this year’s Sweep will be made public by September 2014.

Participants in the 2014 Sweep


Office of the Australian Information Commissioner

Office of the Victorian Privacy Commissioner


Privacy Commission of Belgium


The Office of the Information and Privacy Commissioner of Alberta

Office of the Information and Privacy Commissioner for British Columbia

Office of the Privacy Commissioner of Canada


Office of the Privacy Commissioner for Personal Data, Hong Kong SAR

Office for Personal Data Protection, Macao SAR


Superintendence of Industry and Commerce of Colombia


Estonian Data Protection Inspectorate


Office of the Data Protection Ombudsman


Commission Nationale de l'Informatique et des Libertés


Commissioner for Data Protection Baden-Württemberg

Data Protection Supervisory Authority of Bavaria

Berlin Data Protection Commission

Federal Commissioner for Data Protection and Freedom of Information

Data Protection Commissioner of Hessen


Gibraltar Regulatory Authority


National Authority for Data Protection and Freedom of Information


Office of the Data Protection Commissioner of Ireland


The Israeli Law, Information and Technology Authority (ILITA)


Italian Data Protection Authority


Federal Institute for Access to Information and Data Protection

New Zealand

Office of the Privacy Commissioner


Norwegian Data Protection Authority


Spanish Data Protection Authority

United Kingdom

The Information Commissioner's Office

Information about the Global Privacy Enforcement Network (GPEN) can be found here: https://www.privacyenforcement.net/.

A pdf copy of this media advisory is available here.



For further information contact: Charles Mabbett 021 509 735

Note for Editors

2013 Sweep Highlights

The theme of the first Privacy Sweep 2013 was Privacy Practice Transparency, and highlighted shortcomings in how some organisations provide online information about their privacy practices. 

Globally, almost one quarter (23 percent) of the more than 2,000 websites and mobile apps examined as part of the 2013 Sweep had no privacy policy available.  Approximately one-third of the privacy policies found raised concerns about the relevance of the information in them.

The 2013 Sweep found that mobile app privacy policies lagged behind those found on traditional websites.Some 92 percent of mobile apps reviewed in the sweep raised one or more concerns with respect to how they present information about their privacy practice, and 54 percent had no privacy policy at all.