Mobile Threat Catalogue

Varying Mobile Data/Device Regulations


Threat Category: Mobile OS & Vendor Infrastructure


Threat Description: Mobile data and devices are subject to different laws and regulations (e.g., lawful intercept, IP, data privacy) from foreign nations, such as GDPR, which must be abided by.

Threat Origin

The State of the Mobile Ecosystem, Appthority Unveils New Security Research at Black Hat 1

Exploit Examples

Not Applicable

CVE Examples

Not Applicable

Possible Countermeasures


As part of the app-vetting process, engage with app vendors to determine if data processed by the app may potentially be stored, temporarily or persisently, on systems located in areas that present unacceptible legal or privacy risks to enterprise data.

Before authorizing the use of mobile devices in areas outside of corporate control, understand the legal and privacy risks to enterprise data.


  1. “The State of the Mobile Ecosystem”, 5 Aug. 2015, [accessed 7/27/2022]