GDPR Compliance Assessment for Cross-Border Personal Data Transfers in Android Apps

GDPR Compliance Assessment for Cross-Border Personal Data Transfers in Android Apps

The pervasiveness of Android mobile applications and the services they support allow the personal data of individuals to be collected and shared worldwide. However, data protection legislations usually require all participants in a personal data flow to ensure an equivalent level of personal data pr...

Full description

Bibliographic Details
Main Authors: Danny S. Guaman, Jose M. Del Alamo, Julio C. Caiza
Format: Article
Language:English
Published: IEEE 2021-01-01
Series:IEEE Access
Subjects:
Assurance
Android
application
assessment
compliance
data protection
Online Access:https://ieeexplore.ieee.org/document/9328756/
Description
Summary:The pervasiveness of Android mobile applications and the services they support allow the personal data of individuals to be collected and shared worldwide. However, data protection legislations usually require all participants in a personal data flow to ensure an equivalent level of personal data protection, regardless of location. In particular, the European General Data Protection Regulation constrains cross-border transfers of personal data to non-EU countries and establishes specific requirements to carry them out. This article presents a method to systematically assess compliance of Android mobile apps with the requirements for cross-border transfers established by the European data protection regulation. We have validated the method with one hundred Android apps, finding an outstanding 66% of ambiguous, inconsistent and omitted cross-border transfer disclosures.
ISSN:2169-3536

Similar Items