A study of the data safety labels for Android apps available on the Google Play store has uncovered “significant loopholes” that allow apps to provide misleading or outright false information.
Conducted by the Mozilla Foundation as part of the *Privacy Not Included initiative, this study compared the privacy policies and labels of the 20 most popular paid and 20 most popular free apps in the app market.
About 80% of the apps reviewed were found to have “false or misleading labels based on discrepancies between the app’s privacy policy and information self-reported by the app on Google’s data safety form.” I was.
Mozilla further stated that “these apps do not self-report sufficiently accurately to give the public any meaningful reassurance about data safety and We’ve come to believe that we’re doing a better job of protecting them,” he added. than them. ”
3 apps – UC Browser – Safe, Fast, Private. League of Stickman Acties; and Terraria – The Data Safety section was completely missing. Out of 40 apps, only 6 received an “OK” rating.
Last year, Google started rolling out a new data safety section on the Play Store. This section details our app’s privacy and security practices. This is also the company’s response to Apple’s App Privacy Label, which went into effect in December 2020.
However, there are some crucial differences. Apple labels highlight data that is collected, such as data collected for tracking purposes and information associated with users.
Google’s labels, on the other hand, allow developers to provide more context as to why such data collection is necessary and the security principles used to protect the information.
That said, both systems rely on developers being transparent about how their apps use data. Apple performs regular checks to ensure labels don’t give a false sense of security, but Google leaves it up to developers to make “complete and accurate declarations.”
Currently, according to Mozilla, these self-declared labels may not accurately represent an app’s data collection policies, and are used to increase privacy transparency and help users make informed decisions. cast doubt on the effectiveness of such frameworks.
“For example, Google exempts apps that share data with ‘service providers’ from disclosure requirements. This is problematic because service providers are narrowly defined and contain large amounts of consumer data. ” said Mozilla.
As such, Mozilla refuted claims that the Snapchat, TikTok, and Twitter apps “do not share user data with other companies or organizations,” stating that the apps’ privacy policies do not share user information with advertisers, Internet service providers, and others. It states that it explicitly refers to .
We would like to point out here that if the data is shared with the developer’s service provider, or if the data is fully anonymized, if the app asks for user consent, the app will It means that you may be exempt from disclosure of sharing.
The American nonprofit has also encouraged Apple and Google to adopt universal nutrition labeling standards, and has told the tech giant to “explain enforcement actions against non-compliant apps and You are responsible for ensuring that the information in your report is accurate.” .”
