Apps for smart phones and tablets collect a large number of information about users. This is why the European Article 29 Working Party issued an opinion on the obligations to be met in the processing of such information applicable to both European and worldwide entities.
Indeed, the Working Party held that the mere presence of smart devices in the European Union makes the processing of the data collected through them subject to European data protection laws for non-European entities. Therefore apps providers wherever located in the world selling apps to European users shall comply with EU data protection laws. Moreover, the obligations set forth by the ePrivacy Directive apply to the access to any information (i.e. also information that are not personal data) in users’ devices located in the European Union by any entity wherever established.
This opinion is likely to substantially change the approach by app providers and sellers on the collection of users’ data especially if it is taken into account that privacy breaches are punished with criminal sanctions in some cases.
As usual if you want to discuss about the above, feel free to contact me, Giulio Coraggio.