How firms can avoid losing their way over tracking users

Mobile apps have the potential to do everything from bring you information just when you need it to brightening up a dull train journey – but many have the potential to collect more information than end users may expect, not least their location. Location-based services are appealing both to individuals and businesses, whether for finding the best coffee shop in the area or for supporting logistics planning at an enterprise level – many delivery companies are now so dependent on systems using GPS that without them they could collapse.

Despite these benefits, the reality is that users are not always made aware of the purposes for which their location data is gathered and in some cases, not aware that this sharing is taking place.

Data privacy is a hot topic on the agenda of regulators and government. In 2011, the EU issued recommendations on processing of geolocation data by service and app providers. Under this guidance, by collecting location information, an organization is a data controller and therefore inherits all responsibilities associated with that status. Last year a discussion on user privacy on the web generated significant debate on the implementation of the EU Privacy Directive, which guides how websites can use cookies. So it should come as no surprise that regulation is targeting mobile.

If you are an app or service provider that uses location-based services, you should be considering the following:

Be measured. Don’t gather more information than absolutely required. Doing so increases your liability for what can be minimal business gain.

Think globally. This approach means not just considering market reach but also potential implications of different privacy legislations around the globe. This task is complex and in itself should make you reconsider the reward versus risk obtained from data gathered.

Be transparent. While mobile platforms will normally inform users of apps that will access sensitive functionality, such as location-based services, it is important that you provide end users with an explanation of why data is being collected and for what purpose – either via a screen on your app or a link to your website – ideally, do both.