Google Play Store offers data safety labels that are designed to mimics Apple’s Privacy Nutrition Labels. In simple terms, these labels allow people to read an easily digestible sheet which quickly tells them how their data is collected, used, and shared by an app. This helps people decide if they want to download the app. Likewise, it helps stimulate competition among apps to enhance privacy in their apps. Prior, this information was hidden in TOS files that no one read, or if they did read, they didn’t understand.
But it seems this effort by Google was all for null, at least, according to a new study from Mozilla.
Mozilla looked at a number of popular apps and reconciled Google Play Store Safety Data Sheets alongside the apps labels. And guess what? Yes, you guessed it, there were numerous, egregious discrepancies between the two.
Mozilla used the most popular 20 paid apps and the most popular 20 free apps from Google’s Play Store. Of these, 8 out of 10 had at least a minor inaccuracy between the app developers privacy claims and Google’s Safety Data Sheet.
But wait, there’s more…
Roughly 4 out of 10 instances were egregious.
Here’s a breakdown from Mozilla.
Facebook, SnapChat, Twitter, Spotify, even Google Maps? How the heck does Google Maps have a discrepancy on its data sharing privacy when the same company creates the data sheet?
Worse more, popular social media app TikTok scored awful and flirts with the “scammy” territory. If you read the Google Data Safety Sheet, TikTok shares no data with third parties. But TikTok’s own terms contradict this claim by asserting they do, in fact, share your data with third parties.
So what’s causing this problem?
For one, Google relies on developers to provide this data. For two, Google doesn’t have a method to follow up and confirm accuracy of relayed data. Google also states that data sharing with a service provider doesn’t count, which is befuddling. This creates confusion (and probably opportunity) for developers while filling out the data sheet. I’d imagine app developers want the least amount of data sharing occurrences so it stands to reason they’ll interpret such a line literal.
Mozilla’s Project Lead, Jen Caltider, said of the situation:
“Consumers care about privacy and want to make smart decisions when they download apps. Google’s Data Safety labels are supposed to help them do that. Unfortunately, they don’t. Instead, I’m worried they do more harm than good. When I see Data Safety labels stating that apps like Twitter or TikTok don’t share data with third parties it makes me angry because it is completely untrue. Of course Twitter and TikTok share data with third parties. Consumers deserve better. Google must do better.”
Apps in both Google and Apple have long found themselves under scrutiny for privacy and data sharing issues. Last summer, Caltider found that a lot of popular health apps weren’t securing user data.
We all have a fundamental right to privacy.— Mozilla (@mozilla) August 22, 2022
Mozilla’s lead privacy researcher @caltrider talks to @GMA about weak policies and misleading data sharing practices ⤵️ https://t.co/DPdwjfwecW
Of course, Google’s data sheets were supposed to be a step in helping to resolve issues like this. But it seems these efforts are laden with more issues which now compound the original problem. As such, the user data privacy drama keeps on delivering. Let’s hope Google works this situation out as data sheets are a great idea on the surface.