(MRWD) Privacy, Security and Intellectual Property Issues Lesson

Privacy, Security and Intellectual Property Issues

App developers need to be aware of privacy, security and intellectual property issues before designing or creating an app. 

Intellectual Property Issues

It is illegal to impersonate other entities or infringe on intellectual property rights of others such as trademarks, copyrights, patents, trade secrets, and other proprietary rights.  If you are using copyright material, you must provide evidence of rights to use the content.  

Common violations when creating Apps:

  • Using someone else's material or idea that has been copyrighted
  • Providing streaming apps that allow users to download copyrighted content without authorization
  • Using a word, symbol, or combination that identifies the source of good or service that has been Trademarked

Security Issues

There are more than a thousand new mobile apps hitting the market each day. Since most apps provide or store customer data such as contact information, photos, and locations, they can be vulnerable to breaches and hackers.

The FTC expects app developers to maintain reasonable data security practices.  Every app is different and has different security needs. Apps that collect little or no data will raise fewer security considerations than those that collect and use personal data.

Privacy Issues

Most apps store personal information such as name, birthdate, age and email addresses.  Others store private information such as credit card numbers, photos and other sensitive information. Breaches in privacy are a real concern.  

Apps should have terms of use and privacy statements that include what type of information is collected, how it is used and whether it is shared with third parties.  

Specific laws govern the use of certain types of information and ages of the user.  

The FTC provides tips for dealing with data.

  1. Make someone responsible for security
  2. Only collect data if it is necessary and get rid of it if you do not need it
  3. Understand the mobile platform
  4. Don't rely on the platform to protect your users
  5. Generate usernames and passwords securely
  6. Encrypt data that is transmitted by using HTTPS
  7. If you use libraries and other third-party code, research to see if the library or SDK have known security vulnerabilities
  8. Protect data you store on a user's device through encryption
  9. Protect your servers
  10. Don't store passwords on your server in plaintext
  11. Have a plan for shipping security updates if needed
  12. If you are dealing with financial data, health data, or kids' data, make sure you understand applicable standards and regulations

[CC BY 4.0] UNLESS OTHERWISE NOTED | IMAGES: LICENSED AND USED ACCORDING TO TERMS OF SUBSCRIPTION