The contents of this article is accurate and true to the best of my knowledge, but I am not a lawyer, and this is not legal advice.
Why is privacy important? Why does it even matter that your app collects private data?
Privacy is “the claim of individuals […] to determine for themselves when, how, and to what extent information about them is communicated to others.”Alan Westin (1967)
Just like freedom, liberty, and love – privacy is a broad concept that represents many underlying ideas. The definition of privacy quoted above is the most unequivocal definition I’ve found, and it’s a good starting point for understanding what privacy means and why it’s important.
Privacy allows you to prevent your data from being communicated to others. You might not mind a developer using your personal data for the app to function, but you may think twice about that same developer selling it to third parties. You might not mind that your personal data is stored on the developer’s web server, but you may wonder what happens if your data is stolen by hackers. Once your personally identifiable information gets into the wrong hands, it can be used for identity theft or lead to situations where your medical history or dating app preferences could be misjudged. Even worse, if your location data gets into the wrong hands, it could enable kidnappers while you’re in a foreign country, or let a stalker know where you are.
When apps track you across the web, they can show you the same content over and over again. This creates a false impression that could make you believe that a political idea is true because of how popular it seems to be. It could make you believe a medical product is really popular, so maybe it works. However – you’ve been tricked, and your personal browsing history made it all possible.
Collecting private information exposes your users to some or all of these risks, but it also enables your application to be more useful. Privacy and usefulness can sometimes be trade-offs. As a developer, you should understand how your app handles private data, find the balance of trade-offs that’s best for users, and communicate this to your users. Be up front about how you use personal data and let your users decide whether the trade-off is a good one.
Legal jargon to know
Personally identifiable information is information that by itself, or when combined with other information, can be used to identify an individual person.
User tracking is the practice of sharing user data between third parties to target content and advertising.
Data collection is the practice of saving user data to a developer’s server after a user request is completed.
- For each type of data, explain why it’s necessary or whether it’s optional to share.
- Describe what will happen to user data if your business is sold.
- Specify how your app licenses user generated content. Do users own their data?
- Describe what happens if a user closes their account, or if their account is suspended.
- State whether you delete user data when you terminate an account.
- State whether you delete information after a period of inactivity, or after it’s no longer needed.
- State whether you allow users to make data deletion requests.
- Describe your security practices (such as encryption) for protecting information in transmission and at rest.
- Specify whether your app displays ads and how those ads are generated.
- Specify the jurisdiction where you store data, and state whether you comply with the Children’s Online Privacy Protection Act, California Online Privacy Protection Act, California Consumer Privacy Act, General Data Protection Regulation, and any other privacy regulations in countries where you have a lot of users. For details see Which other regulations do you need to follow?
I produced this list by referencing the App Store Legal Guidelines, App Store Data Collection and Storage Guidelines, Apple Developer Program License Agreement (link requires sign-in), and Apple Documentation. I also read SINTEF‘s Privacy in Mobile Apps report to understand what type of private data usage app users should care about. Finally, I looked at what smaller developers and teams without a legal department are doing (e.g. Overcast, Cascable, Flighty, Unread, Currency, FusionCast).
It’s also a good idea to include a legal disclaimer in the event your system’s security is ever breached. You should always follow best practices to guard personal data, but you want to limit your liability if users’ data is stolen.
Once you’ve covered all the above details, organize the text in a logical way and revise the text to avoid hypothetical (‘may’, ‘can’) or complicated phrases so that you clearly communicate exactly how you handle private data. Use clear statements and avoid legal jargon so your sentences are easier to understand and sound like they were written by a human being.
Which other regulations do you need to follow?
First, there’s the Children’s Online Privacy Protection Act (COPPA, effective 2000). This law applies to apps that are directed to children under 13 years of age. I haven’t worked on any such apps, but if the law applies to your app, you do need to understand its requirements.
If you have users in the United States you need to comply with the California Consumer Privacy Act (CCPA, effective 2020), but it doesn’t apply to many developers. It only applies to for-profit businesses that do business in California and meet any of the following:
- Have a gross annual revenue of over $25 million;
- Buy, receive, or sell the personal information of 50,000 or more California residents, households, or devices; or
- Derive 50% or more of their annual revenue from selling California residents’ personal information.
If you have users in the European Union you need to follow the General Data Protection Regulation (GDPR, effective 2018). It doesn’t have an exemption like the CCPA, but the track record of regulators has been to give out warnings before resorting to fining websites and apps that don’t comply. Most of the businesses that have had to pay a fine, were being punished for not cooperating with regulators.