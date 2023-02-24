



It’s basically impossible to track what every mobile app is doing, with whom, when and with what data. So over the last few years, both Apple and Google have added mechanisms to their app stores that are intended to act as a sort of privacy nutrition label, giving users more control over how their apps behave and what information they may share. gives insight into However, these transparency tools are populated with self-reported information from the app developers themselves. And new research focused on Google Play data safety information shows that the details provided by developers are often inaccurate.

Researchers at the non-profit software group Mozilla examined the data safety information of the top 40 most downloaded apps on Google Play and rated their privacy disclosures as poor, need improvement, or OK. The rating was based on how well the data safety information matched or disagreed with the information in each app’s privacy policy. 16 out of 40 apps, including Facebook and Minecraft, received the lowest ratings for data safety disclosures. 15 apps received a medium rating. These included the Instagram and WhatsApp apps owned by Meta, as well as YouTube, Google Maps and Gmail owned by Google. Six apps received the highest ratings, including Google Play Games and Candy Crush Saga.

If you visit the Twitter app page or the TikToks app page and click on data safety, the first thing you will see is that these companies declare that they do not share your data with third parties. Mozilla project lead Jen Caltrider says. As a privacy researcher, I knew that this information would not help people make informed decisions. I will take it and leave.

Google requires that all app developers submitting to Google Play complete a data safety form. The reason is that it is the developer who has the information about how the product handles data and interacts with other parties, not the app store that facilitates distribution.

If a developer provides inaccurate information in the data safety form and is found to be in violation of our policy, we will require the developer to fix the issue in order to be compliant. Non-compliant apps will be subject to enforcement action, Google told Mozilla researchers. The company did not respond to his WIRED questions about the nature of these enforcement actions or the frequency of their implementation.

However, Google challenges the researchers’ methodology. The report conflates company-wide privacy policies intended to cover various products and services with individual data safety labels that inform users about the data specific apps collect, the company said in a statement. said in The Mozilla Foundation’s arbitrary rating assigned to an app is not a useful measure of label safety or accuracy, given its flawed methodology and lack of supporting information.

In other words, Google says Mozilla researchers misunderstood the scope of the privacy policy they were looking at, or even referenced the wrong policy altogether. However, the researcher says the privacy policy he used in his analysis is exactly the same as the policy each app developer links to on Google Play, indicating that it applies to the app in question.

