Code of practice for app store operators and app developers

13 October 2023: update

An updated version of the code of practice was published on 13 October 2023.

This is the latest version and should be used from now on by app store operators and app developers.

Applications (“apps”) are increasingly essential to everyday life and work. Apps are primarily accessed via app stores across a range of devices, including desktops, smartphones, smart TVs, games consoles, smart speakers and wearables. The UK government has investigated the app ecosystem and found a range of threats relating to malicious and poorly developed apps.

The government’s intention is to ensure consumers are protected from online threats by taking forward a robust set of interventions which are proportionate, pro-innovation and future-facing.

Following a public consultation, the government has developed this updated code of practice for all app store operators and app developers.

The code sets out the minimum security and privacy requirements which should be followed by app store operators and app developers. The government strongly believes this code will help protect users from malicious and poorly developed apps.

For more information, please see:

• the press notice from the launch of the original version of the code of practice
• the government’s response to the call for views
• the written ministerial statement to Parliament.

To view all documents relating to app security and privacy, please visit the app security and privacy collection page.

This work is part of the government’s £2.6 billion National Cyber Strategy which is helping to protect and promote the UK digital economy. A key part of this is improving cyber resilience across the economy and making sure the technology we use every day at home and at work is secure.