Privacy and Applications

status: In Progress

This project is divided in three parts: First, an analysis of the Brazilian legal framework related to the personal data collection by mobile applications, as well as an investigation on the reach of the duty of information (transparency) of companies in the sector. In this perspective, we will also try to verify if users are being properly informed about the treatment their data is subject to (i.e. what data is collected, what is it used for, and to whom is it transferred) and the risks involved in such treatment. Second, we will analyze if the terms of use and privacy policies of such applications are in accordance with current legislation. Third and finally, we shall look into the data collection practices implemented by the applications analyzed and how they conform with their own privacy policies, as well as with Brazilian legislation.

For our analysis, we focused primarily on retail store/e-commerce apps were chosen based on their gross revenues and the number of users that have downloaded them through app stores. The main goal of the project is thus to understand the general behavior of companies with respect to data collection, their practices’ accordance with their privacy policies and the alignment of the latter to current legislation. In this way, the applications will be ranked based on their data collection practices.