You'll notice that the first story we profile this week is about the GPEN Privacy Sweep.
For those who don't know, GPEN stands for Global Privacy Enforcement Network. It makes sense that, in this increasingly globalized world, regulators are looking at ways to work together on compliance. Surely lengthy and costly investigations aren't the only way to encourage businesses to comply with privacy law.
This was the second annual privacy sweep, again led by Canada. Last year they had 19 DPAs on board, and this year, that number grew to 26, all with a focus on mobile apps. The sweep, as I understand it, is the brainchild of Brent Homan, the Office of the Privacy Commissioner’s (OPC's) head of PIPEDA Investigations, but involved sweepers from across the OPC. (Well there's a team-building exercise for you. Heck, folks, whatever works!)
Rumour has it that Brent is quite the curler. (Sports fans may have heard of his niece, curling star Rachel Homan.) So perhaps it was his fancy curling broom that inspired all these sweeps! But in any event, what they found, probably to no surprise, is that while some apps are getting privacy right, with privacy policies and information clear and available and tailored to a small screen, there are way too many apps that haven't handled privacy obligations in a way that would pass muster if the OPC was actually investigating.
And these findings seemed to be pretty consistent globally. For those of us advising companies or clients who may be doing some app development, it's time we pay attention to the lessons learned from this sweep and start getting creative about how to do this better. These new platforms are definitely involving new privacy challenges for the privacy professional, but we need to adapt and stay hip to them, as the kids say.
Hmm. I wonder what they'll sweep next? Sure hope it's not privacy lawyers!
If you want to comment on this post, you need to login.