Jawaker, a card game application popular in Arabic-speaking countries, has been recently sold to the Swedish company Stillfront. It would be interesting to see if the company will respect the data of users in the Middle East.
In May 2020, SMEX ran a technical analysis on Jawaker’s security and privacy and found some critical issues that had not been addressed. We brought forward the underlying vulnerabilities to the public after the app had witnessed a surge in popularity at the height of COVID-19. Today, we analyzed Jawaker again and provided updated recommendations for the app’s team and its new owner, Stillfront.
Since the app operates outside Europe, the Swedish company has no obligation to follow the General Data Protection Regulations (GDPR) that must be implemented when writing and publishing privacy policies. These entail different requirements to those under Jordanian law. Yet, it would be interesting to examine whether Stillfront managed to update its privacy policies in line with the latest legislations that would protect users’ rights and safeguard their data.
Data Subject’s Rights
Jawaker should adhere to the latest cybersecurity measures and protect the privacy of their users in a transparent way. The app should also be regularly patched with the support of a dedicated security team.
This page is available in a different language العربية (Arabic) هذه الصفحة متوفرة بلغة مختلفة