The government wants Apple to fact-check apps’ privacy labels

The fact that Apple doesn’t manually verify the validity of developer-provided privacy label information has prompted Washington politicians to pen an open letter to CEO boss Tim Cook.

The US House Energy and Commerce Committee Chairman Frank Pallone Jr. (D-NJ) and Consumer Protection and Commerce Subcommittee Chair Jan Schakowsky (D-IL) wrote in the open letter to the company’s chief executive that Apple should adopt a different approach that would require its editors to fact-check privacy label information for each submitted app.

Do you read the privacy labels at all?

As MacRumors notes, politicians worry these privacy labels might be riddled with false information and mislead customers regarding how their data might be collected and used.

An iPad screenshot showing the App Privacy section for an App Store listing

The committee has demanded additional details from Apple on the privacy labels.

Here’s what the government wants

The committee wants to know more about the following topics:

  • Details on the process by which Apple audits the privacy information provided by app developers and how frequently audits are conducted;
  • How many of the apps audited since the implementation of the App Privacy label were found to have provided inaccurate or misleading information;
  • Whether Apple ensures that the App Privacy labels are corrected upon the discovery of inaccuracies or misleading information; and
  • Details regarding Apple’s enforcement policies when an app fails to provide accurate privacy information for the App Privacy label.

The company must send the requested information by February 23.

What the committee wrote in the letter

Here’s an excerpt from the letter:

According to recent reports, the App Privacy labels can be highly misleading or blatantly false. Using software that logs data transmitted to trackers, a reporter discovered that approximately one third of evaluated apps that said they did not collect data had inaccurate labels.

So, what do you suggest then?

A privacy label is no protection if it is false. We urge Apple to improve the validity of its App Privacy labels to ensure consumers are provided meaningful information about their apps’ data practices and that consumers are not harmed by these potentially deceptive practices.

That’s a very, very tall order.

How Apple screens the privacy labels

With more than 2.5 million apps in the App Store and tens of thousands of new submissions each week, this would require a significant bolstering of the App Store’s review team. While Apple does audit the privacy labels and works with developers to correct inaccuracies, there’s no way the company could verify each and every app’s privacy listing.

A still from an Apple ad showing the back of an iPhone 12 XS Max with the words "Privacy. That's iPhone" shown

Instead, the Cupertino giant uses a combination of machine learning to flag potentially problematic privacy labels and responds retroactively upon learning about false information.

A mandatory feature based on an honor system

The privacy labels for apps in the App Store have been mandatory for all new submissions since December 2020. The App Privacy section is meant to provide at-a-glance information to potential customers so they could see what an app’s asking for before they download it.

A recent report from The Washington Post has discovered that some apps are downright showing false information to those customers. It’s unclear how widespread the problem is because the newspaper has conducted a very small-scale study.

For the tested apps, however, the study showed that more than half the apps had either misleading or completely false information listed in their App Privacy section on the App Store.