Mobile apps may, and frequently do, have access to a lot of personal information. This personal information can include one’s contact list, location, calendar and photos. Through social network integration, this includes access to even more information.
Mobile app providers, however, tend to forget applying some basic principles of European data protection legislation, such as asking the customer for informed consent before downloading the app.
Research on attitudes conducted by the European Commission shows that a majority of consumers are concerned about how companies use their personal information. Such attitudes have been cited by the Commission in its reform towards new EU data protection rules.
For mobile app publishers, which includes many consumer facing companies who offer mobile apps for their customers, complying with current EU data protection law poses a significant challenge. European data protection law imposes that a data subject gives unambiguous consent to the processing of his or her personal information by a mobile app, since other grounds for legitimate processing under the law (e.g. in the performance of a contract) are usually not applicable. Such consent must be given freely, be explicit and informed, rather than assumed.