Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

UK: DCMS launches consultation on intervention plans to improve app security and privacy

The Department for Digital, Culture, Media & Sport ('DCMS') launched, on 4 May 2022, an open consultation on the Government's intervention plans aimed at improving the security and privacy of apps and app stores, following the 2020-2022 Government's review into the app store ecosystem, which found that malicious and poorly developed apps continue to be accessible to users, indicating that some developers are not following best practice when creating apps. In particular, the App security and privacy interventions consultation paper ('the Consultation Paper') outlines, among other things, the Government's proposed policy interventions, including a voluntary Code of Practice for App Store Operators and Developers ('the Code of Practice') which would incorporate multiple stakeholders and provide clarity on their responsibilities, while providing an opportunity for app stores, as well as third-party app stores to improve their processes. Furthermore, the Consultation Paper provides that operators would be able to follow a principles-based approach to allow them a degree of flexibility with regards to the steps they take to ensure they adhere to each area.

Moreover, the Consultation Paper highlights that, while the proposed Code of Practice would be voluntary, the Government would seek to put incentives in place to encourage adherence to the principles in the Code of Practice, while the Code of Practice also reminds operators and developers of their obligations under Article 25 of the UK General Data Protection Regulation ('UK GDPR'). Additionally, the National Cyber Security Centre ('NCSC') published a threat report on application stores which revealed that all types of app stores face similar cyber threats with the most prominent problem being malware, resulting in malicious apps downloaded by hundreds of thousands of users which put people's data and money at risk.

The consultation closes at 11:45pm on 29 June 2022. Moreover, the DCMS noted that the feedback will inform UK Government policy and their next steps, and depending on the feedback received, the Government may look to publish the Code of Practice later in the year, alongside exploring and taking further action on other interventions outlined in the Consultation Paper.

You can read the press release here, the Consultation Paper here, and the NCSC's threat report here, and access the open consultation page here.