Mozilla says “most of the best apps” on Android have misleading privacy labels End-shutdown

Enlarge / The little Android robot watches everything you do.

It seems that trusting developers to only tell the truth about data collection on Google Play is not working. Similar to iOS, Android launched app privacy “nutrition labels” on the Play Store last year, with the idea that users could quickly see how much data each app is collecting. The obvious problem with this system is that developers fill out data collection forms and there is nothing to stop them from lying or bypassing certain data collection policies. So it’s no surprise that when Mozilla recently audited top apps on Google Play, found that “most top apps” have “fake or misleading” app privacy labels.

Mozilla says it surveyed 40 of the most popular apps on the Play Store by global downloads and found that “in nearly 80% of the apps we reviewed, we found some discrepancies between the apps’ privacy policies and the information they reported on the Application Form.” Google Data Security.” Each app received a rating of “Poor,” “Needs Improvement,” or “Okay,” with 16 of the 40 apps scoring the lowest.

Mozilla didn’t need to dig very deep to find fault, saying the privacy labels on many apps openly contradict their public privacy policies.. Snapchat, TikTok, and Twitter claim “No data sharing with third parties” on the Play Store, but detail third-party sharing in their privacy policies. For free applications, the list of recipients that get a “low” rating is not very surprising: Facebook, Facebook Messenger, Facebook Lite, Snapchat, Twitter and, the only surprise, Samsung Push Services. Many paid games like Minecraft make the “poor” list, too.

TikTok's Google Play privacy label vs. its privacy policy.
Enlarge / TikTok’s Google Play privacy label vs. its privacy policy.


Mozilla says: “There is little evidence that Google works diligently to ensure the accuracy of submissions, and this lack of compliance makes the quality of the information very poor in many cases.” Mozilla put forward several recommendations for Google, in case it wanted to improve the situation, such as having a real punishment for lying in the form and clearly revealing to users that Google does not examine any of these responses. Mozilla also wants Google and Apple to work together to standardize the design of app privacy labels across ecosystems. Just as a single nutrition food label has a standard design across all products, Mozilla says that a privacy label should also have a design.

Mozilla rates some Google apps like Gmail as “needs improvement,” but that lacks the forest for the trees. The report doesn’t dive into this, but for Android, Google likes to play privacy tricks and focus the discussion on the idea of ​​”app privacy”, when “operating system privacy” (Google’s privacy) probably should. be more of a concern. Both Google and your device manufacturer have system-level access to the operating system that exists outside of the app security model, so they can basically do whatever they want to your phone, including harvesting all your data.

Even if the app’s privacy labels were accurate, Android is a class of enterprise that doesn’t need it. the applications to vacuum your data; instead, you could use a million system-level services. One of those services, Google Play Services, has to white app privacy screen! If accurate, it would be a mile long, but apparently Google would rather you not look behind the curtain. the same”privileged permissionsThe model also applies to pre-installed apps, which is part of the reason Facebook works so hard to make it pre-installed on most Android phones: More permissions mean better snooping. It would be nice if the Play Store tags were accurate too, but no one wants to do that. Talk about the entire operating system.

Leave a Reply

Your email address will not be published. Required fields are marked *