One requirement in the proposal calls for all app stores to include steps to report security holes in hosted software. Another would be to make privacy information more accessible for users. Apps also need to specify why they need access to a user’s location and contacts.
At the same time as the DMCS’s proposal, the National Cyber Security Centre published a report warning about compromised and malicious applications. It includes details on compromised SDKs, counterfeit apps, malicious updates, and more. The DMCS also put out a call for feedback from developers and app store operators regarding how to improve security. The government will accept comments through June 29, after which it will determine the next steps before publishing its final proposal later this year.
