The new rules are being put together by the European Commission’s data protection task force – the Article 29 Working Party - made up of representatives from national EU data protection authorities.
In October, the working party said that it would publish guidance “early next year” in light of the rapid increase in the use of smartphones, the amount of downloaded apps worldwide and the existence of many small-sized app-developers.
The issue will be on the agenda of the group’s next meeting, scheduled for 27 February in Brussels, EurActiv understands.
Of particular concern is the issue of geolocation, with many apps designed to establish the whereabouts of their user, even if this is based on anonymous data.
EU guidance to follow US cases
“We download apps from third parties we’ve often scarcely ever heard of with no idea as to what information they’re going to collect or how they’re going to use it,” said Phil Lee, a technology lawyer with Field Fisher Waterhouse in Palo Alto, California.
“This uncertainty and confusion makes regulatory involvement inevitable,” he said.
The issue has already been making waves in the United States. In December, the California attorney general sued Delta Air Lines for its failure to include a privacy policy within its mobile app, and the US Federal Trade Commission (FTC) launched a report on children’s data collection through mobile apps.
The FTC has indicated that multiple investigations will follow into potential violations of the Children’s Online Privacy Protection Act and the law’s unfair and deceptive practices regime. “The writing is on the wall, and it’s likely EU regulators will begin following the FTC’s lead,” Lee said.
Any new guidelines will be keenly watched by Europe’s app manufacturers.
In an interview with EurActiv, Harri Koponen, the chief operations officer of Rovio – the company behind the popular Angry Birds game app – said that most games app manufacturers rely on geolocation functions to improve their services.
Fears of a chilling effect
“Our interest is ensuring that they [users] get the best service, we are not selling their data,” Koponen said, adding: “We do not use the location of the equipment to sell anything to the user, but to guarantee a minimum downloading speed.”
Geolocation helps to identify where there might be a problem with the functioning of the app service, he explained. “If there is too low a speed then the bandwidth might not be enough, if the service is going to be seamless then it is really necessary for us to use this data.”
Koponen reflects the concerns of other smaller games app makers who fear that new rules might force them to hire extra staff to deal with additional data management.
“It is completely unnecessary and an unwanted process, kind of ‘big brother is watching you’,” said Koponen.
Entertainment and apps businesses are highly competitive, with the Nordic region representing a hub for apps companies.
Koponen said that over-burdensome rules could have a chilling effect, and benefit the businesses of Europe's key competitors in the sector, in the United States and Asia.
