- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
- 구글 클라우드, 구글 워크스페이스용 제미나이 사이드 패널에 한국어 지원 추가
- The best MagSafe accessories of 2024: Expert tested and reviewed
- Threads will show you more from accounts you follow now - like Bluesky already does
Government Sets Out New Rules to Enhance App Security
The UK government has thrown down the gauntlet to app store operators and developers, requesting they sign up to a voluntary code of conduct designed to enhance user security and privacy.
In what it described as a “world-first” today, the Department for Digital, Culture, Media and Sport (DCMS) said the rules would help to reduce consumers’ exposure to malicious and bug-ridden apps.
The code will stipulate that app store operators and/or developers:
- Share security and privacy information in a user-friendly way with consumers, such as where user data is stored and when the app was last updated
- Allow their apps to work even if a user chooses to disable optional functionality and permissions, such as location tracking
- Have a “robust and transparent” vetting process to ensure only apps that meet a minimum security and privacy baseline are published
- Provide clear feedback to developers when an app is not published on their store for security or privacy reasons
- Have a vulnerability disclosure process, such as a contact form
- Ensure developers keep their apps up to date to reduce the number of vulnerabilities
The government acknowledged that many app store operators and developers already adhere to many of these rules. However, it will also look at where current laws may need to be tweaked and/or where regulation is needed to improve security in the industry.
Over the coming nine months, the DCMS will work with companies such as Apple, Google, Amazon, Huawei, Microsoft, LG, Epic Games, Nintendo, Valve, Sony and Samsung to help them implement the code.
“Apps bring a lot of convenience to our everyday lives, but rogue apps making their way onto the biggest app stores are a security and privacy minefield – putting consumers at huge risk from data theft and scams,” argued Which? director of policy and advocacy, Rocio Concha.
“The government’s announcement of a new voluntary code is a positive step towards making apps more secure. The app market must now be monitored closely for improvements and to check whether tech firms are falling short in protecting consumers.”
Although designed for consumers, the new rules could also enhance corporate security by ensuring BYOD devices are better insulated from app-based risks. However, threats may persist from some third-party app stores hosted outside the UK.
