Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

MacRumors

macrumors bot
Original poster
Apr 12, 2001
52,097
13,720


Last month, Apple introduced privacy labels on the App Store, providing users with a broad overview of the data types an app may collect, and whether the information is used to track them or is linked to their identity or device.

app-store-privacy-labels-iphone-12.jpg

Apple has required developers to provide this privacy information when submitting new apps and app updates to the App Store since early December, but the labels function on an honor system, with fine print indicating that "this information has not been verified by Apple." As such, there is always the potential that some apps will be dishonest.

On that note, The Washington Post's Geoffrey A. Fowler recently did a spot check and discovered "more than a dozen" apps with "either misleading or flat-out inaccurate" privacy labels. One of these apps was a game called "Satisfying Slime Simulator," which Fowler said was sending his iPhone's advertising identifier and other device information to companies like Facebook, Google, and Unity, despite its privacy label indicating "No Data Collected."

Fowler listed several other apps with "No Data Collected" labels that he found to be covertly collecting user data, such as Rumble, Maps.me, and FunDo Pro. He also found the popular game Match 3D to be "sending an ID for my phone that could be used to track me to more than a dozen different companies," despite having a label that claimed it only took "data not linked to you." Match 3D has since updated its label to reflect "data used to track you."

In response to the report, Apple said it "conducts routine and ongoing audits of the information provided" and works with developers to correct any inaccuracies, adding that "apps that fail to disclose privacy information accurately may have future app updates rejected, or in some cases, be removed from the App Store entirely if they don't come into compliance."

This issue will be partially addressed by Apple's upcoming enforcement of a privacy measure it calls App Tracking Transparency. Starting with the next betas of iOS 14, iPadOS 14, and tvOS 14, developers will be required to get a user's permission to track their activity across other apps and websites and access their device's random advertising identifier, known as the Identifier for Advertisers (IDFA), for targeted advertising and ad measurement purposes.

Apple said that, at the software level, App Tracking Transparency will prevent developers from accessing a user's IDFA unless they grant permission, preventing an app from silently tracking their activity in this manner. However, there are still other ways for apps to track users, so the accuracy of privacy labels will still not be guaranteed.

Article Link: More Than a Dozen Apps With 'Misleading or Flat-Out Inaccurate' Privacy Labels Found on App Store
 

ececlv

macrumors member
Sep 26, 2014
56
106


Last month, Apple introduced privacy labels on the App Store, providing users with a broad overview of the data types an app may collect, and whether the information is used to track them or is linked to their identity or device.

app-store-privacy-labels-iphone-12.jpg

Apple has required developers to provide this privacy information when submitting new apps and app updates to the App Store since early December, but the labels function on an honor system, with fine print indicating that "this information has not been verified by Apple." As such, there is always the potential that some apps will be dishonest.

On that note, The Washington Post's Geoffrey A. Fowler recently did a spot check and discovered "more than a dozen" apps with "either misleading or flat-out inaccurate" privacy labels. One of these apps was a game called "Satisfying Slime Simulator," which Fowler said was sending his iPhone's advertising identifier and other device information to companies like Facebook, Google, and Unity, despite its privacy label indicating "No Data Collected."

Fowler listed several other apps with "No Data Collected" labels that he found to be covertly collecting user data, such as Rumble, Maps.me, and FunDo Pro. He also found the popular game Match 3D to be "sending an ID for my phone that could be used to track me to more than a dozen different companies," despite having a label that claimed it only took "data not linked to you." Match 3D has since updated its label to reflect "data used to track you."

In response to the report, Apple said it "conducts routine and ongoing audits of the information provided" and works with developers to correct any inaccuracies, adding that "apps that fail to disclose privacy information accurately may have future app updates rejected, or in some cases, be removed from the App Store entirely if they don't come into compliance."

This issue will be partially addressed by Apple's upcoming enforcement of a privacy measure it calls App Tracking Transparency. Starting with the next betas of iOS 14, iPadOS 14, and tvOS 14, developers will be required to get a user's permission to track their activity across other apps and websites and access their device's random advertising identifier, known as the Identifier for Advertisers (IDFA), for targeted advertising and ad measurement purposes.

Apple said that, at the software level, App Tracking Transparency will prevent developers from accessing a user's IDFA unless they grant permission, preventing an app from silently tracking their activity in this manner. However, there are still other ways for apps to track users, so the accuracy of privacy labels will still not be guaranteed.

Article Link: More Than a Dozen Apps With 'Misleading or Flat-Out Inaccurate' Privacy Labels Found on App Store
The privacy report always sounded like creating a legal obligation for the app developer. Sure you can lie, but when caught you face potential civil penalties
 
Comment

sentiblue

macrumors regular
Aug 2, 2012
218
154
Silicon Valley
I simply don't get it when developers deliberately mis-represent themselves in this way. Except for the intentional perps of course. Apple is not dumb, they will eventually find out even if it slipped their approval radar first time. If you intentionally slip through and get caught, you'll most certainly be on their watch list and your new/updated apps will be targetted for much more intensive reviews going forward. Unless you change your dev identity, which they can detect duplicates too.
 
Comment

applicious84

macrumors 6502
Sep 1, 2020
253
535
On that note, The Washington Post's Geoffrey A. Fowler recently did a spot check and discovered "more than a dozen" apps with "either misleading or flat-out inaccurate" privacy labels. One of these apps was a game called "Satisfying Slime Simulator," which Fowler said was sending his iPhone's advertising identifier and other device information to companies like Facebook, Google, and Unity, despite its privacy label indicating "No Data Collected."
Well, that's an app I've been missing out on

Edit: This whole time, I've been using the unsatisfying slime simulator. I feel like it's just not the same, but it's probably more private. Who wants to simulate unsatisfying slime? Also, the truth is, as long as slime is simulated, I'm satisfied.
 
Last edited:
Comment

MauiPa

macrumors 68000
Apr 18, 2018
1,670
2,374
I guess if Facebook said no data collected, everyone would believe them? BAZINGA!
 
  • Like
Reactions: Cleartz
Comment

switz

macrumors member
So the issue is that the info is already out on the existing apps. Closing the barn door after the horse is in the field is useless. One will have to change their "ID", if possible, when all apps have the opt out function. The end user of course has perhaps no way to verify that the app takes the info anyway.
 
Comment

Pakaku

macrumors 68020
Aug 29, 2009
2,383
2,703
Well, it will eventually fix the issue if the developers (not just the individual app in question) are permanently banned from Apple's stores.
I don't really like the idea that Apple comes up with this privacy label idea just for devs to lie on them, because Apple always likes to brag about how much they care about privacy, and we're supposed to assume we can trust them and their privacy labels now. It's too reactionary and relies too much on the honesty of devs, if they even update their apps (looking at you, Google). But I guess catching them lying is better than nothing...
 
  • Like
Reactions: Mike_Trivisonno
Comment

4jasontv

Suspended
Jul 31, 2011
4,072
4,437
We need a way to hold the developers accountable for falsifying information about their app. Not the company who made it, the developers themselves. That way the industry will have motivation to police themselves and push back on any upper level type that suggests they should do otherwise. At the very least whoever pushes the app or update to the App Store should be individually identifiable and personally liable for the accuracy of their description.

Analogy for the people not getting it. The pharmacist is ultimately responsible if drugs go missing. It doesn't matter that they may not be the one to last handle the drug before the customer receives it. Developers made the apps, and they are in the best position to know what it does.
 
Last edited:
Comment

MauiPa

macrumors 68000
Apr 18, 2018
1,670
2,374
Well, it will eventually fix the issue if the developers (not just the individual app in question) are permanently banned from Apple's stores.
Maybe the US could pass privacy laws, then we could sue people like Facebook and sleazy developers who steal our data. Or maybe each of us could offer our data for a price that developers would have to pay to use it without our permission. My offer is $1m, hey facebook, here is your bill! A free market solution, oh yah!
 
  • Like
Reactions: Mike_Trivisonno
Comment

4jasontv

Suspended
Jul 31, 2011
4,072
4,437
Maybe the US could pass privacy laws, then we could sue people like Facebook and sleazy developers who steal our data. Or maybe each of us could offer our data for a price that developers would have to pay to use it without our permission. My offer is $1m, hey facebook, here is your bill! A free market solution, oh yah!
Make that 1 million per access per day. We also need them to take hacks and leaks seriously too. A small percentage of FB customer data being released should bankrupt them.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.