With the release of the first ever Smartphone in 1992 (the IBM ‘Simon’) to the launch of the iPhone in 2007 and that of the first ever android Smartphone in 2008 (the HTC ‘Dream’), smart phones have rapidly emerged to become our preferred method of communication. The advent of Smartphone technology gave rise to what essentially made the Smartphone ‘smart’- the mobile applications, or apps as they are referred to now. There are hundreds of thousands of different applications available from a range of app stores for each popular smart device type. The era is long gone when mobile devices were just a means of voice communications. Mobile applications now provide an array of services from social networking, shopping, banking, ticketing to corporate applications such as email, calendar and address book applications – there seems to be an app for almost everything. The Apple iPhone and iPad, as well as all subsequent Smart phones and smart tablets, owe their popularity and most of their functionality to their ability to run mobile applications.
It has been reported that more than 1,600 new apps are added to app stores daily. An average smart phone user downloads 37 apps. These mobile applications thus are being released in a flurry. In the times of Facebook, Viber and Whatsapp, privacy aspect has been left redundant. These mobile applications have gone from being a means of connectivity to a means of inconvenience and imposition of surveillance. As these applications are easier to download and more consumers purchase Smart phones and tablets, a very real privacy concern emerges.
There’s a plethora of security and privacy risks regarding them as these apps store and transmit a lot of private and sensitive information about their users without the user’s knowledge or consent. Information includes location, contacts, photos and corporate information, such as login credentials, private contact details, credit card details, invoices and purchase orders and other private information that the consumer does not consciously share. Even when mobile applications obtain a user’s consent to collect private data, other issues remain. For instance, consent is usually obtained in such a manner that even subsequent to consenting; the user stays ignorant in the matter of what particular data he or she has released.
Recent research showed that many apps abundantly collect data from smart phones, without any meaningful relationship to the apparent functionality of the app. For over a week, Facebook has been pushing users to download the new standalone Messenger app in light of the fact that it is disposing off the feature in its regular application. Some users were notified that their in-app message function was disabled, and they needed to download the new app if they wanted to use the private chat service. But Messenger’s user agreement terms for Android-run devices were seen by many as increasingly invasive and yet another way Facebook was making privacy rights immaterial and irrelevant.
Some of the questionable terms incorporated permitting the app to make calls without the user’s knowledge, record audio, take pictures and feature any time. The app also reserves the right to scroll through users’ contacts and call logs, and in addition gather personal information stored on the mobile devices including data stored in other apps. Backlash against the app’s terms is just the latest privacy controversy Facebook has had to manage.
The social network admitted in June that it performed psychological experiments on users by manipulating their timelines. News of the experiments, which tried to alter users’ moods based on what they read, incited public furor over the company’s continuous push of privacy boundaries. Moreover, Facebook and other tech companies have been under pressure to tighten their privacy policies domestically and abroad in the wake of former U.S. National Security Agency contractor Edward Snowden’s document leaks in 2013.
Facebook is currently tussling with European lawmakers, and awaiting a European Union court to rule whether the company broke privacy laws when it gave the NSA access to German citizens’ profiles. Adding fuel to fire of privacy concerns, the cloud system of data storage went kaput a few months back, wherein hackers leaked private risqué photos shared or stored via such mobile applications. Even more on the flipside, there has been an increase in stalking and numerous instances of bullying be it the young or old. These mobile applications encroach upon the private spheres in the most disastrous ways possible.
Research shows mobile apps are growing at a rate of 29.8% each year, and that the 1.2 billion mobile users currently using apps will climb to 4.4 billion by the year 2017. Applications for mobiles are being developed at a tremendous rate but often without proper security implementation. These applications can cause serious information security and data privacy issues and can have severe repercussions on users and organizations alike. Therefore, all applications must undergo a thorough security assessment before being released into production to confirm that all the privacy and security issues have been addressed.
The legal right to privacy is constitutionally protected in most democratic societies. This constitutional right is expressed in a variety of legislative forms. Examples include the Privacy Act (1974) in the USA, the proposed Open Democracy Act in South Africa (1996) and the Data Protection Act in England. During 1994 Australia also accepted a Privacy Charter containing 18 privacy principles which describe the right of a citizen concerning personal privacy as affected by handling of information by the state. The Organization for Economic and Coordination and Development (OECD) also accepted in 1980 the Guidelines for the Protection of Privacy and Trans border Flow of Personal Data.
India has no dedicated privacy and data protection laws, which makes us vulnerable to violations of privacy by mobile apps. Courts have read the right to privacy into the other existing fundamental rights, namely the right to freedom of speech and expression under Article 19(1) (a) and right to life and personal liberty under Article 21 of the Constitution of India. However, these Fundamental Rights under the Constitution of India are subject to reasonable restrictions given under Article 19(2) of the Constitution that may be imposed by the State. However, the relevant laws in India dealing with data protection are the Information Technology Act, 2000 and the (Indian) Contract Act, 1872. India is also weak at protecting civil liberties in cyberspace. The right to privacy is a right that the Indian government can no longer ignore, especially with the growing use of apps in everyday life. One can only hope that an effective law regarding protection of privacy comes out in the near future, to avoid infringement of our privacy.
Photo Courtesy: https://www.google.co.in/search?q=Mobile+applications+privacy&biw=1366&bih=667&source=lnms&tbm=isch&sa=X&ved=0CAcQ_AUoAmoVChMI6N3rtKWcxwIVz1uOCh1smwiQ#imgrc=QPsy71t20Hf4FM%3A
 Report in ConceivablyTech of 19 August 2012, available at www.conceivablytechcom/10283/business/apple-app store-to-reach-1mapps-this-year-sort-of. Quoted by Kamala D. Harris, Attorney General California Department of Justice, Privacy on the go, Recommendations for the mobile ecosystem, January 2013, http://oag.ca.gov/sites/all/files/pdfs/privacy/privacy_on_the_go.pdf
 This is a worldwide estimate for 2012 by ABI Research, http://www.abiresearch.com/press/smartphone-users worldwide-will-download-37-apps-o
 Wall Street Journal, Your Apps Are Watching You, http://online.wsj.com/article/SB10001424052748704694004576020083703574602.html
 Ajay Sharma, ”Can you feel me now”-The new age of mobile apps, available at http://www.charterglobal.com/can-you-feel-me-now-the-new-age-of-mobile-apps/
 Collier, G. (1994). Information privacy. Just how private are the details of individuals in a company’s database? Information Management and Computer Security, 3 (1): 41-45.