An investigation into the accuracy of privacy disclosures in Apple’s App Store “nutrition labels” has found that a significant number are simply false.
Apple made its privacy notices, also known as “nutrition labels,” mandatory for any new or updated iOS 14 app in the App Store from December 8, 2020. As reported by AppleInsider at the time, however, Apple appeared to be entirely dependent on app developers both complying, and telling the truth.
Now according to the Washington Post, a survey of app privacy notices has shown that, “many” are false.
The Washington Post does not say how many apps were checked, but claims that “about 1 in 3” of those tried were falsely reporting that they collect no data. These include the game Match 3D, social network Rumble, and PBS Kids Video.
All three have reportedly now made some changes, but during the Washington Post “spot check,” each was allegedly falsely claiming to track no data. So was a de-stressing app named Satisfying Slime Simulator, which was reportedly sending information to Facebook, Google and others.
“Apple conducts routine and ongoing audits of the information provided and we work with developers to correct any inaccuracies,” an Apple spokesperson told the Washington Post. “Apps that fail to disclose privacy information accurately may have future app updates rejected, or in some cases, be removed from the App Store entirely if they don’t come into compliance.”
The apps were reportedly tested in part in conjunction with a former National Security Agency researcher. The Satisfying Slime Simulator was sending Facebook, Google and GameAnalytics details of the user’s iPhone IDFA, battery level, free storage space, volume setting, and general location.
Apple’s forthcoming update to iOS 14 which will introduce a new App Tracking Transparency. Apps still using IDFA will require a user’s specific permission to carry on.
Advertisers believe that most users, on being prompted to allow tracking, will choose to say no. Apple will offer advertisers an alternative framework, however, which it claims gives advertisers useful information, without compromising the user’s privacy.
As previously reported by AppleInsider, a number of major app developers have yet to comply with Apple’s requirement for privacy or nutrition labels. Until they do so, Apple will not allow any new apps, nor updates to existing ones.
At present, it remains true that Apple is dependent on developers’ honesty, but the system is also new. Over time, however, any developer who wants to have an updated app on the App Store will have to provide privacy information. As the App Store policy becomes the norm, and especially when IDFA is made opt in, the accuracy of the nutrition labels will only increase.