iOS 14 added App Store privacy labels as a way for developers to disclose the types of data their apps collect and if it gets used for advertising. But some of these labels may be inaccurate (via WP).
Misleading Privacy Labels
In 2019 Gregory Fowler used a privacy tool to see the kinds of data that apps were sending to their developers in the background. Now he’s examining privacy labels using the same tool. He concludes that Apple’s definition of privacy is too narrow and so far hasn’t verified these privacy labels.
In some ways, Apple uses a narrow definition of privacy that benefits Apple — which has its own profit motivations — more than it benefits us. […] Apple’s big privacy product is built on a shaky foundation: the honor system. In tiny print on the detail page of each app label, Apple says, “This information has not been verified by Apple.”
Mr. Fowler also noted that these privacy labels, if stated they share your data, don’t reveal the company getting the data.
We found [PBS Kids Video] sending my phone’s ID to Google, even though its label said it didn’t collect data that could be linked to me. PBS told me the label reflected an update to the app it eventually published on Jan. 28, in which Google no longer gets sent my ID but still helps PBS measure performance. Even with its update, the label is still missing an important piece of information: There’s Google inside.
App Store privacy labels are a work in progress, and hopefully Apple improves and expands upon them in future OS updates.
One thought on “Investigation Shows Some App Store Privacy Labels are Misleading”
Even if Apple tightens up the label, someone is going to find a workaround. There’s too much money at stake to do otherwise.