Apps need to follow the basic rules - ie Only access the internet and other apps' data using the freezr_core API.
How are these rules enforced?
They aren't really today. Apps are scanned by a "sensor" module in freezr that is meant to enforce rules. But for the moment, it relies on good freezr citizenship and has a skeleton of a security algorithms just looking out to see if "eval" is being used for example.
In the long run, because all apps are necessarily open source, freezr can implement more complex algorithms to make sure rules are enforced by apps.