There’s been a lot of attention drawn to App Store privacy labels since they went live in December. Apple made them mandatory for developers submitting new apps or updating new ones. Facebook Messenger came under particular fire for the sheer volume of data linked to users.
But spot-checks by the Washington Post found that more than half the apps they reviewed were either misleading or completely false …
It began when tech columnist Geoffrey Fowler downloaded a de-stressing app.
Apple did say earlier this week that it relies in developers to be honest, and only responds reactively when they lie.
I downloaded a de-stressing app called the Satisfying Slime Simulator that gets the App Store’s highest-level label for privacy. It turned out to be the wrong kind of slimy, covertly sending information — including a way to track my iPhone — to Facebook, Google and other companies […]
As I write this column, Apple still has an inaccurate label for Satisfying Slime. And it’s not the only deception. When I spot-checked what a couple dozen apps claim about privacy in the App Store, I found more than a dozen that were either misleading or flat-out inaccurate.
They included the popular game Match 3D, social network Rumble and even the PBS Kids Video app. (Say it ain’t so, Elmo!) Match and Rumble have now both changed their labels, and PBS changed some of how its app communicates with Google.
And indeed says as much in each label.
Similar to how Age Ratings work on the App Store, developers report their own privacy practices. If we learn that a developer may have provided inaccurate information, we will work with them to ensure the accuracy of the information.
But Fowler says that’s not good enough.
In tiny print on the detail page of each app label, Apple says, “This information has not been verified by Apple.”
Others agree.
The first time I read that, I did a double take. Apple, which says caring for our privacy is a “core responsibility,” surely knows devil-may-care data harvesters can’t be counted on to act honorably. Apple, which made an estimated $64 billion off its App Store last year, shares in the responsibility for what it publishes […]
If a journalist and a talented geek could find so many problems just by kicking over a few stones, why isn’t Apple?
Even after I sent it a list of dubious apps, Apple wouldn’t answer my specific questions, including: How many bad apps has it caught? If being innacurate means you get the boot, why are some of the ones I flagged still available?
Fowler also outlines why he doesn’t think the labels are particularly helpful: the categories are overly-broad, and we don’t get to know which companies get our data. That, he argues, is like a food label that doesn’t have to list the ingredients.
Right now, I’m seeing way too many apps with “we don’t collect any data”. I would love for that to be true, but I’m skeptical. Meanwhile, developers who are transparent about their data collection practices end up looking bad against developers who are hiding it.
— Guilherme Rambo (@_inside) January 29, 2021
Apple said:
What’s your view? Is Apple doing enough, or should it be more proactive in checking whether developers are telling the truth about their apps? Please share your thoughts in the comments.
Apple conducts routine and ongoing audits of the information provided and we work with developers to correct any inaccuracies. Apps that fail to disclose privacy information accurately may have future app updates rejected, or in some cases, be removed from the App Store entirely if they don’t come into compliance.
Photo by Eddy Billard on Unsplash