‘Information in privacy labels on Play Store often does not correspond with privacy policy’

A large number of popular applications in the Google Play Store display incorrect information about what data is collected and shared. This is the conclusion of Mozilla, which looked at forty apps and saw that the information in the Data Safety field did not match that in the privacy policy.

Mozilla investigated the twenty most popular free and the twenty most popular paid applications in the Play Store. The company specifically looked at the information that app makers put under the privacy label. These privacy labels are an initiative that Google set up in 2021. App makers must use such a label to indicate what information their apps collect and what information they share with third parties.

Mozilla compared the information under the privacy label with the information in the apps’ terms and conditions and privacy policies. In almost eighty percent of the cases there were ‘discrepancies’ between those two sources. For example, TikTok and Twitter both write in the Play Store that they do not forward information to third parties, but their privacy policies state that they do. In sixteen cases there were ‘major differences’ between the sources and in only six of the forty cases was the information ‘ok’ according to Mozilla.

According to Mozilla, Google fails several times when checking the privacy labels. These would be included in the registration label that makers must complete when they put an app in the Store. For example, Google would have a limited definition of anonymization and app makers would not have to report when data is sent to ‘service providers’. It is also not necessary to include in the label if data is anonymized, as many app makers rely on.