More than 55 percent of all mobile apps may not comply with the new European privacy regulations and Google Play privacy policies that go into effect this spring, according to a report from SafeDK, a marketplace that monitors the use of software development kits (SDKs) in mobile apps.

The European Union’s General Data Protection Regulation goes into effect in Europe on May 25, and it strengthens the rights of individuals to control the use of their personal data. SafeDK’s latest report found that more than half of the hundreds of thousands of Android apps in the study used at least one SDK that accessed users’ private data. The most commonly accessed private data was a user’s location (26 percent), and the second was data about the apps installed on the user’s device (40 percent). Nearly 30 percent of the apps used an SDK that accessed a user’s contacts.

Herzliya, Israel-based SafeDK studied the apps and matched their use of more than 1,000 SDKs. More than 58 percent of ad network SDKs also accessed a user’s location. SafeDK said these mobile app companies will have to make code changes in the near future to comply with both the GDPR and Google Play requirements. They will also need to evaluate and monitor their third-party SDKs.

Above: Private data access is common with mobile app SDKs.

Image Credit: SafeDK

The average number of SDKs per mobile app is 18.5. Sports, dating, and shopping apps have been particularly busy adding more SDKs in the past quarter.

SafeDK said that integrating SDKs is important for mobile app companies. But those SDKs are often “black boxes” of…