In mid-December 2020, Apple released privacy labels on the App Store. The labels offered bite-size information, similar to a nutrition label, about the types of data collected by the apps. Although labels can help inform users about the privacy implications of different applications, they may also not be accurate.
The Washington Post Geoffrey Fowler did a deep analysis of the new privacy labels and discovered that several were false. Fowler highlighted some apps that collected data despite using privacy labels that they say they don’t. For example, ‘Satisfying Slime Simulator’ shared a way to identify Fowler’s iPhone with Facebook, Google, and another service called ‘GameAnalytics’. On top of that, it sent the iPhone ID, battery level, free storage space, general location, and volume level to Unity, the software used to create games.
Fowler also verified a social media app called ‘Rumble’, which is a Facebook and Google ID that could be used to track your phone. He also sent other information about how he used the app. Fowler noted that Rumble changed its privacy label in mid-January, although the company never responded to Fowler’s emails.
Other apps that Fowler pointed to include ‘Maps.Me’, ‘FunDo Pro’, ‘PlayerXTreme’, ‘Instdown’ and ‘Whats Direct Chat and Web’. Some of these applications have changed their privacy labels since then.
Apple does not verify privacy labels
However, it should come as no surprise that developers are misleading users with privacy labels. When Apple introduced the labels, MobileSyrup He asked what steps the company would take to ensure accurate reports from developers. Apple reiterated that developers had to report privacy information themselves, but said it would take action if it learns of inaccuracies in privacy information. It’s unclear if Apple has taken action yet, or what that action would look like.
Apple also said it would prevent developers from updating their apps unless they add the privacy labels to ensure that developers comply with the new measures.
With all that in mind, there is a clear incentive for developers to mislead users. For example, look at Facebook. The social media giant added privacy labels for its apps, like Facebook Messenger, and has received tons of bad press about the amount of data that apps collect.
Likewise, Google was accused of withholding updates to its iOS apps so it wouldn’t have to add privacy labels and suffer similar bad press. Google later said that was not the case and that it would update its applications. However, more than three weeks have passed since then and only some of the less popular apps have been tagged.
Things may get better when Apple’s new app tracking transparency feature hits iOS. That feature will force apps to ask users for permission to allow their device’s Identifier Identifier (IDFA) to be shared with other tracking companies. For example, that would prevent Instagram from sharing IDFA data with third parties, but it could still share data with Facebook since it is the same company.
Despite these changes, anyone who wants to protect their privacy online would do well to check all privacy labels on the App Store. Tags can provide a useful overview at a glance, but since they currently exist, users cannot rely on them to be completely accurate.
The Canadian News
Canada’s largets news curation site with over 20+ agency partners