As more and more branded mobile applications come across our desks for legal review, the importance of compliance with privacy legislation (in Australia and worldwide) has turned into a recurring theme.
Where you or your client are collecting personal information about Australian users through an App, you will need to comply with the principles set out in the Privacy Act 1988 which deal with how you may collect, use and disclose such information.
Remember that personal information is information that identifies the user or could identify the user. Common examples are names and addresses, but personal information can also include medical records, bank account details, photos, videos, and even information about what users like, their opinions and where they work – simply put, any information where the user is reasonably identifiable from that information. An obvious example in the App world is where you require users to register to interact with the App, and such registration involves the provision of information like their name and email address.
- What information is collected by the App and how is it used?
- Does the App collect precise real time location information of the device?
- Do third parties see and/or have access to information obtained by the App?
- Is the App supported by advertising, and does the App collect data to help the App serve ads?
- What are the user’s opt-out rights?
- How is personal information stored? How can users access or correct the information held about them?
Our current privacy laws are under consideration for reform this year with one of the take-outs being the importance of privacy policies and clear and accurate disclosures as to how personal information is being used.