The Stanford Center has launched a new website, WhatApp.org, where users and experts can review online and mobile apps for privacy and security.
M. Ryan Calo, a residential fellow at Stanford Law School’s Center for Internet and Society, has helped design WhatApp.org with the goal of reducing the risk of computer hacking, identity theft, spam and phishing.
The reviews are being written by lawyers, computer scientists, and privacy and security experts from Stanford and other institutions.
"People are going online to opine about the security and privacy of apps all the time," Calo said. "But none of that discussion is centralized. What we’re trying to say is that if you’re doing it already, come and do it here."
The site also reviews browsers like Firefox and Safari, social networks including Twitter and Facebook and mobile platforms such as Apple’s iPhone, Windows Mobile and Google’s Android.
Users will be able to register as "expert reviewers" and create public profiles that list their qualifications. Calo and his team will verify that new reviewers are who they claim to be, but will leave it to the WhatApp? members to decide for themselves.
"The idea is not to be exclusive and create a club," Calo said. "If you know something or have an opinion about how good or bad an app’s privacy is, feel free to weigh in."
Reviewers will be asked to rate an app based on a number of questions after reading an application’s privacy and security policy.
The reviews come in the form of written comments and badges that award applications up to five green bars for privacy, security and openness. Wikis accompany the reviews to summarize what the app does, and the site immediately offers a list of links to news stories about an app’s privacy and security issues.
"The entire point is to drive the application market toward better privacy and security practices by rewarding those who do a good job and penalizing those who don’t," Calo said.
"Privacy is about having control over information that pertains to you. I think we’re rapidly losing that control, and this is a way to monitor what’s being done with information being collected."
