Three in five of the city's most popular mobile applications alert smartphone users to confidentiality issues upon download, the privacy watchdog has found.
"The survey shows the transparency of the privacy policies of apps is generally inadequate," deputy privacy commissioner Lavinia Chang Yu-ming said.
"Although the law does not prescribe the manner in which PPS is to be provided, it is recommended practice to make PPS readily available on the installation interface during or before app installation."
The survey also found that a large number of apps were programmed to access private data stored in the phone, such as the unique phone identifier, location, and the user's account with his service provider.
Almost two-thirds of the apps could tell the location of a smartphone, mostly through access to the identification number unique to each mobile device commonly known as Imei, or International Mobile Station Equipment Identity.
Henry Chang Chung-yee, information technology adviser at the Office of the Privacy Commissioner, warned that the feature made it easy for app developers and advertisers to profile users.
The survey said 36 apps provided PPS - but were found lacking in user-friendliness, with 19 per cent burying the confidentiality alerts under links such as service conditions on their websites' homepages. Few apps with PPS explained the reasons for accessing specific types of data and, in some cases, did not provide any information until users had completed installation.
The privacy watchdog said it was looking into 10 apps with "comparatively higher potential privacy risk".