Published: April 2017
We hear about “mitigating privacy risk” on a regular basis. The GDPR calls for a risk-based approach to privacy operations. Certain “high-risk” endeavors even trigger data protection impact assessments and calls to the local data protection authority’s office? Rarely, however, do we see risk-scoring in action. Until now. The IAPP and Kryptowire have teamed to survey 400 privacy professionals regarding how they score the risk of collecting dozens of types of personal data and performing actions in the mobile environment. We used this data to create this detailed report on mobile-risk scoring, which has been used to fuel the risk dashboard in Kryptowire’s Mobile App Privacy Analysis Portal, available to any IAPP member for analysis of one iOS app and one Android app.