The Privacy Commissioner of Canada and 22 other privacy authorities worldwide recently issued an open letter to the operators of seven leading app marketplaces urging them to make links to privacy policies mandatory for apps that collect personally identifiable information (PII).

The letter was issued following the second annual Global Privacy Enforcement Network privacy sweep, which we discussed in a previous post.  While the letter acknowledges that app developers are responsible for communicating their privacy practices to app users, it emphasizes an app marketplace operator’s unique and integral role in users’ interactions with mobile apps. The letter described app marketplaces as important consumer landing spots where individuals can search for new apps, read reviews and access technical information in order for an individual to make an informed decision about apps in the marketplace.

Accordingly, the letter urges that app marketplaces require privacy practice information, such as privacy policy links for apps that collect PII, to be made available to users to ensure that users are meaningfully informed regarding the collection and use of their PII prior to deciding to download an app.