Information in privacy labels on Play Store often does not correspond to privacy policy

A large part of the popular applications in the Google Play Store display incorrect information about what data is collected and shared. That is the conclusion of Mozilla, which looked at 40 apps and saw that the information in the Data Safety field did not match that in the privacy policy.

Mozilla researched the 20 most popular free and the 20 most popular paid applications in the Play Store. The company specifically looked at the information that the app makers put under the privacy label. Those privacy labels are an initiative that Google set up in 2021 . With such a label, app makers must indicate what information their apps collect and what information they share with third parties.

Mozilla compared the information under the privacy label with the information in the apps’ terms and conditions and privacy policies. In almost eighty percent of the cases there were ‘discrepancies’ between the two sources. For example, TikTok and Twitter both write in the Play Store that they do not forward information to third parties, but their privacy policies state that they do. In sixteen cases there were “major differences” between the sources and in only six of the forty cases, according to Mozilla, that information was “ok”.

According to Mozilla, Google drops several stitches when checking the privacy labels. They would be in the registration label that makers have to fill in when they put an app in the Store. For example, Google would have a limited definition of anonymization and app makers would not have to pass on when data is sent to ‘service providers’. It also does not have to be included in the label if data is anonymized, which many app makers rely on.