24 novembre 2012

Hong-Kong: brochures sur les applications mobiles et les téléphones intelligents

Les enjeux liés aux applications mobiles et à l'utilisation de téléphones intelligents sont mis de l'avant dans deux documents qui l'Office of Privacy Commissioner for Personal Data (OPCPD) d'Hong Kong vient de publier. 

Dans la fiche d'information Personal data privacy protection: what mobile apps developers and their clients should know, l'OPCPD insiste sur le fait qu'en plus de suivre une approche référant à la protection intégrée de la vie privée (Privacy by Design - PbD) et de procéder à une évaluations des facteurs relatifs à la vie privée (Privacy Impact Assessment), les développeurs d'applications mobiles doivent respecter les principes énoncés dans la Personal Data (Privacy) Ordinance. On peut y lire, par exemple, que
Personal Information Collection Statement (PICS)
"Apps Developers have to provide mobile device users with a PICS on or before collecting their personal data. They should communicate to the mobile device users under what circumstances will their personal data be collected, accessed or shared and for what purposes. This notice should be presented to mobile device users clearly before they confirm installing the mobile apps." (Source: p. 3)
Removal Commitment
"Account information (including uploaded or shared information) of a mobile device user should be completely removed upon the user’s request or upon account termination unless there is legal or regulatory reason not to do so. Apps Developers should make this account removal function easily accessible." (Source: p. 4)
Privacy Policy Statement (PPS) 
"Apps Developers should prepare a PPS to outline their policies and practices in relation to personal data. Technical terms and elusive language should be avoided in the PPS. It should be easily readable and easily understandable, and in appropriate length. Its location on the mobile apps should be prominent. Its availability also on the businesses’ normal websites is recommended." (Source: p. 5)
Contact Details for Making Data Access and Correction Requests 
"Apps Developers should make available their contact details (including name or post title, and address) in the mobile apps to facilitate mobile device users to make data access and correction requests. They should also have policies and procedures in place to ensure that a request is complied with or refused (as the case may be) within 40 days from receiving the request. Please refer to the Guidance on the Proper Handling of Data Access Request and Charging of Data Access Request Fee by Data Users published by the Commissioner." (Source: p. 6)
Dans la brochure Protect Privacy by Smart Use of Smartphones, l'OPCPD rappelle comment protéger son téléphone intelligent et sécuriser les données qui y sont stockées, comment utiliser en toute sécurité les applications mobiles et limiter la géolocalisation.  

Aucun commentaire:

Enregistrer un commentaire

Remarque : Seul un membre de ce blog est autorisé à enregistrer un commentaire.