UK government proposes "code of practice" for App Stores

Daniel Sims

Posts: 456   +18
Staff
In brief: This week, the UK government revealed a proposal for the world's first set of standard guidelines for app stores. It comes alongside a new government report on app security and a call for tech companies to voice their opinions.

On Wednesday, the UK's Department for Digital, Culture, Media & Sport (DCMS) proposed security rules for digital marketplaces to follow to protect UK users' devices and data from compromised apps. The DCMS specifically mentions Apple, Google, Amazon, Huawei, Microsoft, and Samsung. However, the proposed guidelines would apply to any online app stores, including those on mobile devices, game consoles, TVs, voice assistants, and other products.

One requirement in the proposal calls for all app stores to include steps to report security holes in hosted software. Another would be to make privacy information more accessible for users. Apps also need to specify why they need access to a user's location and contacts.

At the same time as the DMCS's proposal, the National Cyber Security Centre published a report warning about compromised and malicious applications. It includes details on compromised SDKs, counterfeit apps, malicious updates, and more.

The DMCS also put out a call for feedback from developers and app store operators regarding how to improve security. The government will accept comments through June 29, after which it will determine the next steps before publishing its final proposal later this year.

Permalink to story.

 

Theinsanegamer

Posts: 3,364   +5,591
The UK government has also asked repeatedly for app breaking encryption and spying laws more then once, and is part of the 5 eyes/14 eyes program.

Even if this sounds good on paper I wouldnt trust them.
 

GoldenGoat

Posts: 46   +35
When they say app store, would that include things like linux repositories? Or are they just talking about commercial stores? Is there going to be a penalty if they fail or don't follow this law? and what about stores that only sell one or two apps that they created?