The fact that Apple doesn’t manually verify the validity of developer-provided privacy label information has prompted Washington politicians to pen an open letter to CEO boss Tim Cook.
The US House Energy and Commerce Committee Chairman Frank Pallone Jr. (D-NJ) and Consumer Protection and Commerce Subcommittee Chair Jan Schakowsky (D-IL) wrote in the open letter to the company’s chief executive that Apple should adopt a different approach that would require its editors to fact-check privacy label information for each submitted app.
→ Do you read the privacy labels at all?
As MacRumors notes, politicians worry these privacy labels might be riddled with false information and mislead customers regarding how their data might be collected and used.
The committee has demanded additional details from Apple on the privacy labels.
Here’s what the government wants
The committee wants to know more about the following topics:
- Details on the process by which Apple audits the privacy information provided by app developers and how frequently audits are conducted;
- How many of the apps audited since the implementation of the App Privacy label were found to have provided inaccurate or misleading information;
- Whether Apple ensures that the App Privacy labels are corrected upon the discovery of inaccuracies or misleading information; and
- Details regarding Apple’s enforcement policies when an app fails to provide accurate privacy information for the App Privacy label.
The company must send the requested information by February 23.
What the committee wrote in the letter
Here’s an excerpt from the letter:
According to recent reports, the App Privacy labels can be highly misleading or blatantly false. Using software that logs data transmitted to trackers, a reporter discovered that approximately one third of evaluated apps that said they did not collect data had inaccurate labels.
So, what do you suggest then?
A privacy label is no protection if it is false. We urge Apple to improve the validity of its App Privacy labels to ensure consumers are provided meaningful information about their apps’ data practices and that consumers are not harmed by these potentially deceptive practices.
That’s a very, very tall order.
How Apple screens the privacy labels
With more than 2.5 million apps in the App Store and tens of thousands of new submissions each week, this would require a significant bolstering of the App Store’s review team. While Apple does audit the privacy labels and works with developers to correct inaccuracies, there’s no way the company could verify each and every app’s privacy listing.
Instead, the Cupertino giant uses a combination of machine learning to flag potentially problematic privacy labels and responds retroactively upon learning about false information.
A mandatory feature based on an honor system
The privacy labels for apps in the App Store have been mandatory for all new submissions since December 2020. The App Privacy section is meant to provide at-a-glance information to potential customers so they could see what an app’s asking for before they download it.
A recent report from The Washington Post has discovered that some apps are downright showing false information to those customers. It’s unclear how widespread the problem is because the newspaper has conducted a very small-scale study.
Right now, I’m seeing way too many apps with “we don’t collect any data”. I would love for that to be true, but I’m skeptical. Meanwhile, developers who are transparent about their data collection practices end up looking bad against developers who are hiding it.
— Guilherme Rambo (@_inside) January 29, 2021
For the tested apps, however, the study showed that more than half the apps had either misleading or completely false information listed in their App Privacy section on the App Store.