Mobile Apps Raise Issues of Data Collection, Monetization

By Nathan Eddy  |  Print this article Print
mobile applications and security

There are growing concerns over what is being done with the user information collected and where the line should be drawn, a Gartner report found.

By 2015, most mobile apps will sync, collect and analyze deep data about users and their social graphs, but most IT leaders will fail to consider the impact mobile apps have on their information infrastructure, according to a report from IT research firm Gartner.

Data from mobile apps, whether deployed on-premises or in the cloud, is not currently managed as part of an organization's information infrastructure, and data collected from mobile apps is often siloed.

The report noted using integration-platform-as-a-service (PaaS) capabilities for cloud service integration can complement existing data integration strategies by moving data from the cloud to the premises, or from cloud to cloud as needed.

There are also growing concerns over what is being done with the user information collected and where the line should be drawn.

Some use-location data offer contextually relevant information, and some also collect other information about their users — such as gender and age group — to further refine the interaction.

"IT leaders should ensure they have infrastructure in place that takes into account data collected, not only via mobile apps, but also from apps running on wearable devices," Roxane Edjlali, research director at Gartner, said in a statement.

With wearable devices expected to drive half of total app interactions, including desktop-based app interactions and mobile apps, with mobile apps making up the majority of these interactions, the line between acceptable and unacceptable use of user data is thinning.

"Personal data is often collected solely in support of a mobile app's requirements and not considered an asset within an organization's overall information infrastructure," Edjlali said. "Consequently, although this data is accessed and potentially stored in support of an app, it is not managed as a full 'citizen' of an enterprise's information infrastructure."

Organizations collecting biometric data through mobile apps linked to wearable devices, for example could be tempted to monetize this data by reselling it.

"Even if personal or biometric data is anonymous, it could have a major impact on a person's ability to get adequate health insurance, if they are identified as belonging to a risk category," Edjlali continued. "In addition, mobile apps that use third parties for authentication deliver data on customer behavior to those third parties."

To manage the risks relating to data collected from mobile apps, organizations need to manage the persistency and perishability of data collected from mobile apps and control the sharing and reuse of mobile app data for other purposes.

"Organizations should plan to manage information across cloud and on-premises implementations, as combining all data on the premises or on a single repository is no longer viable. It is important to understand the service-level agreements (SLAs) for various use cases that access mobile app data, and adapt the information capability accordingly," Edjlali concluded.

Originally published on www.eweek.com.