According toan inaugural study of the privacy policies, ninety per cent of 113 popular apps downloaded from the Singapore Google Play store do not adequately declare what type of consumer data is collected or how it is used. These apps potentially falls foul of Singapore’s Personal Data Protection Act (PDPA).
In addition, more than half of the mobile apps downloaded tried to get access to user’s sensitive information such as their online and social media identities and location.
The subjects of the three-month study are taxi apps and those from other areas such as banks, real estate agents and financial advisers…The study joint Straits Interactive and Appknox- two local data protection software-makers to carry out the survey and jumped into the conclusion last week.
Organisations that collect customer data that is unreasonable are also banned from the PDPA. For example, a calendar app asking for access to users’ location and photos was considered excessive to collect user data.
Apps from real estate agents and financial advisers also require access to personal location, online identities, and even microphone and camera functions. Most of them do not explain how the data will be used. Also, other apps that seek access to user’s online identities, location and even microphone and photos are illegal unless they explain how the data will be used.
Mr Ken Chia, Baker & Mckenzie.Wong & Leow’s principal, said that excessive data collection might place organisations in bad situation because they might not be aware of their actions that might be contravening the Act.
The Personal Data Protection Commission, which governs the collection, use and disclosure of personal data, urged mobile app developers to review their policies according to the law. The spokesman said organisations should only gather and use customer’s personal data on reasonable purposes and with permission of customer. They should also inform customer about data collection unless it is in case of emergency.
According to Lawyer Gilbert Leong, a partner at Rodyk & Davidson, most apps might not request user data for negative purposes but app developers should have provided options for user to choose between turning on or off any privacy feature within an app.