In the week commencing 12 May, members of the Global Privacy Enforcement Network (GPEN) will conduct an online privacy sweep, focusing on the transparency with which mobile apps collect personal data.
GPEN is an informal network of 27 Data Protection Authorities (“DPAs”) that was established in 2007. Its members include the UK’s ICO, France’s CNIL, Spain’s AEPD, Canada’s OPC and the U.S. FTC.
The network’s tasks are to:
- Support joint enforcement initiatives and awareness campaigns
- Work to developed shared enforcement policies
- Share best practices in addressing cross-border challenges
- Discuss the practical aspects of privacy law enforcement co-operation
The sweep is part of an effort to ensure that consumers are fully aware of the ways in which apps gather and use personal data. To this end, DPAs will focus on the level of permission requested by apps, the way in which the permission is requested and the purposes for which personal data are used. The DPAs will focus in particular on whether the level of permission requested by the app is what would be expected of an app of its type, or whether it appears excessive.
The results of the 2014 sweep are expected to be published later this year.