Eight tips for privacy-friendly apps

When an app is launched, one of the biggest risks is that privacy and security have not been properly taken care of. Many problems can be avoided by taking the legal requirements into account early in the design process. Here are eight tips to get you started.

1. Identify which personal data you want to collect. The term personal data is very broad: according to the Dutch data protection authority it includes data such as IP addresses, MAC addresses and location data. The database schema is often the best starting point for this exercise.

2. Identify what happens to those data. Are they sent to the server, or are they stored on the phone, and if so, how? How long are they stored, and who has access? Once you know which data you want to collect and what you want to do with them, it is time for the next step.

3. Take a critical look at the data you want to collect. Is there a good reason to collect these data, or are you collecting them out of habit, or simply because you can? Under the privacy rules you may not collect more than you need. If you do not have a good reason for the collection, the data protection authority can start an investigation.

4. Choose consciously where you store data. If you can store data on the phone instead of in the cloud, that is often preferable: it avoids the risks of central storage, such as data breaches, theft and government requests. Sometimes there are good reasons to store data in the cloud. In that case, consider carefully which company will hold your data: can the intelligence services of the US or other countries easily access those servers?

5. Determine how long you store these data. You may not store data longer than necessary. This means you have to check whether the data you receive and store are still needed, for example once a transaction with a customer has been completed.

6. Investigate whether there are privacy-friendly ways to implement authentication. Cryptography, for example, offers an elegant way to establish an attribute of a user (such as age) without all of that user's data having to be disclosed.

7. Investigate whether there are privacy-friendly ways to implement data collection. An example is the select-before-you-collect principle, used to determine whether phone numbers from a user's address book are already known to the server. Using hashes, the system checks whether a number is already known at the server, and only if that is the case are the data of these (already known) users transmitted to the server. This avoids sending phone numbers and other data of non-users to the server. Note that hashing a phone number offers only limited protection: the set of possible numbers is small enough that a hash can be inverted by trying them all, so the hashes themselves should still be treated as personal data.

8. Secure your data well. This means, for example, that personal data must always be transmitted over the internet via an encrypted connection. It can sometimes also be necessary to encrypt the data on the user's side, so that the data are already encrypted before they leave the device.
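The attribute-based authentication of tip 6, as an added example in Go (this is not code from the original article, and the article names no particular scheme). The construction below is a salted-hash selective-disclosure credential: the issuer signs commitments to all attributes, and the user discloses only the attribute a verifier needs (here over18, which the issuer derives from the birth date at issuance), so the verifier learns that attribute and nothing else. Type and function names, keys and attribute values are all constructed for the example. One caveat: unlike genuine attribute-based credentials, the issuer's signature is a stable value, so two presentations by the same user can be linked to each other.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// Attribute is one claim about the user plus the random salt that hides it
// inside its commitment.
type Attribute struct {
	Name, Value string
	Salt        string // hex-encoded, 16 random bytes
}

// Credential is what the issuer hands to the user: attributes in clear (with
// salts) and a signature over the sorted commitments only. A presentation to
// a verifier is the same structure with only the disclosed attributes kept.
type Credential struct {
	Attributes  []Attribute
	Commitments []string
	Signature   []byte
}

// commit binds name and value under a salt; without the salt it reveals
// nothing useful even about a low-entropy value such as "true".
func commit(a Attribute) string {
	sum := sha256.Sum256([]byte(a.Salt + "|" + a.Name + "|" + a.Value))
	return hex.EncodeToString(sum[:])
}

// newIssuerKeys creates the issuer's key pair (constructed for the example).
func newIssuerKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // rand.Reader does not fail in practice
	return pub, priv
}

// Issue builds a credential. Derived attributes such as "over18" are computed
// by the issuer, so the user can later prove them without showing a birth date.
func Issue(priv ed25519.PrivateKey, attrs map[string]string) (Credential, error) {
	var list []Attribute
	var cs []string
	for name, value := range attrs {
		salt := make([]byte, 16)
		if _, err := rand.Read(salt); err != nil {
			return Credential{}, err
		}
		a := Attribute{Name: name, Value: value, Salt: hex.EncodeToString(salt)}
		list = append(list, a)
		cs = append(cs, commit(a))
	}
	sort.Strings(cs) // canonical order, independent of map iteration order
	return Credential{list, cs, ed25519.Sign(priv, []byte(strings.Join(cs, "\n")))}, nil
}

// Present keeps only the named attributes; the others stay with the user and
// are represented to the verifier by their commitments alone.
func (c Credential) Present(names ...string) Credential {
	var disclosed []Attribute
	for _, a := range c.Attributes {
		for _, n := range names {
			if a.Name == n {
				disclosed = append(disclosed, a)
			}
		}
	}
	return Credential{disclosed, c.Commitments, c.Signature}
}

// Verify checks the issuer's signature and that each disclosed attribute
// recomputes to a signed commitment. It returns only what was disclosed.
func Verify(pub ed25519.PublicKey, p Credential) (map[string]string, error) {
	if !ed25519.Verify(pub, []byte(strings.Join(p.Commitments, "\n")), p.Signature) {
		return nil, fmt.Errorf("issuer signature invalid")
	}
	signed := map[string]bool{}
	for _, c := range p.Commitments {
		signed[c] = true
	}
	claims := map[string]string{}
	for _, a := range p.Attributes {
		if !signed[commit(a)] {
			return nil, fmt.Errorf("attribute %q not covered by the signature", a.Name)
		}
		claims[a.Name] = a.Value
	}
	return claims, nil
}

func main() {
	pub, priv := newIssuerKeys()
	// Constructed sample attributes, not a real person.
	cred, err := Issue(priv, map[string]string{"name": "A. Voorbeeld", "birthdate": "1990-01-01", "over18": "true"})
	if err != nil {
		panic(err)
	}
	claims, err := Verify(pub, cred.Present("over18"))
	fmt.Println(claims, err) // map[over18:true] <nil>
}
```

The verifier gets the over18 value, the salts of the other attributes never leave the user, and a changed value or a credential from another issuer fails verification.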
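The select-before-you-collect check of tip 7, as an added example in Go (not code from the original article). The type and function names, the toy number normalisation and the sample contacts are constructed for the example; Directory stands in for the server, which stores only hashes of registered users' numbers and answers membership queries. The last function makes the caveat concrete: the server still sees a hash of every queried number, users and non-users alike, and because the space of valid phone numbers is small those hashes can be inverted by trying all candidates, so hashing limits what is disclosed but does not make the query anonymous.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// Contact is one address-book entry as found on the user's phone.
type Contact struct{ Name, Number string }

// normalizeNumber reduces a phone number to "+<country><subscriber>" so that
// "06-12345678" and "+31 6 12345678" hash to the same value. It is a small
// stand-in for a real phone-number library (assumption: numbers without a
// country code belong to defaultCountry).
func normalizeNumber(raw, defaultCountry string) string {
	var b strings.Builder
	for i, r := range raw {
		if (r >= '0' && r <= '9') || (r == '+' && i == 0) {
			b.WriteRune(r)
		}
	}
	d := b.String()
	switch {
	case strings.HasPrefix(d, "+"):
		return d
	case strings.HasPrefix(d, "0"):
		return "+" + defaultCountry + d[1:]
	default:
		return "+" + defaultCountry + d
	}
}

// hashNumber is what the app sends to the server instead of the number.
func hashNumber(normalized string) string {
	sum := sha256.Sum256([]byte(normalized))
	return hex.EncodeToString(sum[:])
}

// Directory models the backend: hashes of registered users' numbers, nothing more.
type Directory struct{ known map[string]bool }

func NewDirectory(registeredNumbers []string) *Directory {
	d := &Directory{known: map[string]bool{}}
	for _, n := range registeredNumbers {
		d.known[hashNumber(normalizeNumber(n, "31"))] = true
	}
	return d
}

// Lookup returns the subset of submitted hashes that belong to registered users.
func (d *Directory) Lookup(hashes []string) map[string]bool {
	matches := map[string]bool{}
	for _, h := range hashes {
		if d.known[h] {
			matches[h] = true
		}
	}
	return matches
}

// selectBeforeCollect hashes every contact on the phone, asks the server which
// hashes it already knows, and returns only those contacts. Only the returned
// contacts are then uploaded; names and numbers of non-users never leave the phone.
func selectBeforeCollect(book []Contact, dir *Directory) []Contact {
	hashes := make([]string, len(book))
	for i, c := range book {
		hashes[i] = hashNumber(normalizeNumber(c.Number, "31"))
	}
	matches := dir.Lookup(hashes)
	var selected []Contact
	for i, c := range book {
		if matches[hashes[i]] {
			selected = append(selected, c)
		}
	}
	return selected
}

// invertByBruteForce shows the limit of plain hashing: whoever sees a queried
// hash can recover the number by hashing every candidate, because the space of
// valid phone numbers is small. The range here is deliberately tiny.
func invertByBruteForce(target, prefix string, maxSuffix int) (string, bool) {
	for i := 0; i <= maxSuffix; i++ {
		candidate := fmt.Sprintf("%s%d", prefix, i)
		if hashNumber(candidate) == target {
			return candidate, true
		}
	}
	return "", false
}

func main() {
	// Constructed sample data, not real users.
	dir := NewDirectory([]string{"+31612345678", "06-98765432"})
	book := []Contact{{"Alice", "06-12345678"}, {"Bob", "+31 6 98765432"}, {"Carol", "+31 6 11111111"}}
	for _, c := range selectBeforeCollect(book, dir) {
		fmt.Println("upload:", c.Name) // Alice and Bob; Carol is not a user and stays on the phone
	}
}
```

Normalisation matters as much as the hash: if the phone and the server format numbers differently, the hashes never match and the app falls back to uploading everything, which defeats the purpose.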
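The user-side encryption of tip 8, as an added example in Go (not code from the original article). The key is generated and kept on the device (assumption: in a real app it would live in the platform keystore), each record is encrypted with AES-256-GCM before it is uploaded, and the server only ever stores ciphertext; the record id is bound to the ciphertext as associated data so a blob cannot be silently filed under another id. Type names and the sample record are constructed for the example. This complements, and does not replace, the encrypted connection (TLS) the tip requires for transport.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// newDeviceKey creates the 256-bit key that stays on the phone. Assumption:
// in a real app it lives in the platform keystore and is never uploaded.
func newDeviceKey() ([]byte, error) {
	key := make([]byte, 32)
	_, err := rand.Read(key)
	return key, err
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts a record with AES-256-GCM on the device. The result is
// nonce || ciphertext || tag. The associated data (here the record id) is
// authenticated but not encrypted, so the server can file the blob under it
// without being able to read the record or move it to another id unnoticed.
func Seal(key, record, associated []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, record, associated), nil
}

// Open decrypts a blob produced by Seal. Any change to the blob, the key or
// the associated data makes authentication fail and returns an error.
func Open(key, blob, associated []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short")
	}
	nonce, ciphertext := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ciphertext, associated)
}

// BlobStore models the server side: opaque blobs by id, never a key. A data
// breach or a government request against it yields only ciphertext.
type BlobStore struct{ blobs map[string][]byte }

func NewBlobStore() *BlobStore { return &BlobStore{blobs: map[string][]byte{}} }

func (s *BlobStore) Put(id string, blob []byte) { s.blobs[id] = blob }

func (s *BlobStore) Get(id string) ([]byte, bool) {
	b, ok := s.blobs[id]
	return b, ok
}

// serverCanRead reports whether the stored blob contains the plaintext in the clear.
func serverCanRead(store *BlobStore, id string, plaintext []byte) bool {
	b, ok := store.Get(id)
	return ok && bytes.Contains(b, plaintext)
}

func main() {
	key, err := newDeviceKey()
	if err != nil {
		panic(err)
	}
	// Constructed sample record, not real data.
	record := []byte(`{"name":"A. Voorbeeld","location":"52.37,4.90"}`)
	blob, err := Seal(key, record, []byte("record-1"))
	if err != nil {
		panic(err)
	}
	store := NewBlobStore()
	store.Put("record-1", blob)
	fmt.Println("server can read record:", serverCanRead(store, "record-1", record)) // false
	stored, _ := store.Get("record-1")
	back, err := Open(key, stored, []byte("record-1"))
	fmt.Println(string(back), err)
}
```

The trade-off to be aware of: because the key never reaches the server, the server also cannot recover the data for the user if the device (and its keystore) is lost, so a key backup or recovery path has to be designed on the user's side as well.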

Do you have questions about designing a privacy-friendly app? Please contact Ot van Daalen (+31 6 5438 660, ot.vandaalen@digitaldefence.net).