Software developer here. I haven't done anything like this with iOS, but back on Windows Phone, I would have been one of those developers who used an anonymized account ID, but not tracked my users. Let me explain:

The account ID was developer/user account specific, so every time any of my apps (from my specific developer account) would request it, it would give out a hash that was user specific. I used that instead of a login system. I used this ID to store data to the cloud, and even if the user reset their phone I could sync the data back to the app because it was the same anonymized account ID. My privacy policy was that a user's data was theirs, but it was (optionally) magically backed up to the cloud for their convenience. That data was never accessed by anyone except the user who stored it, and was never used for any other reason.

Meanwhile, if I used e.g. Google Analytics, I would have been giving Google access to user tracking data, so I'd need to declare it in my privacy policy. That's a much much different use for an ID than data backup for convenience.

It's the same API, used for a totally different purpose. That's probably why Apple can't blanket state that the use of an API equates to a specific privacy flag.
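
The developer-scoped identifier described in the post above, as an added illustration that is not part of the original post and not the actual Windows Phone algorithm: an HMAC keyed by a platform-held secret over the developer ID and the user account, so the value survives a phone reset but differs for every developer. The secret, the IDs and the `BackupStore` class are constructed for this example.

```python
import hashlib
import hmac
from typing import Dict, Optional

# Constructed demo secret (assumption): a real platform would keep this
# server-side or in hardware, never inside an app.
PLATFORM_SECRET = b"constructed-demo-secret"


def scoped_user_id(secret: bytes, developer_id: str, user_account: str) -> str:
    """Pseudonymous ID, stable for one (developer, user) pair."""
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    fields = (developer_id.encode(), user_account.encode())
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


class BackupStore:
    """Hypothetical cloud store keyed only by the scoped ID (no login)."""

    def __init__(self) -> None:
        self._blobs: Dict[str, bytes] = {}

    def save(self, scoped_id: str, data: bytes) -> None:
        self._blobs[scoped_id] = data

    def restore(self, scoped_id: str) -> Optional[bytes]:
        return self._blobs.get(scoped_id)


def demo() -> dict:
    user = "user-1234@example.invalid"  # constructed account name
    store = BackupStore()

    # First install: the app asks the platform for its ID and backs up data.
    id_before = scoped_user_id(PLATFORM_SECRET, "developer-A", user)
    store.save(id_before, b"user notes")

    # After a phone reset, same account and developer yield the same ID.
    id_after = scoped_user_id(PLATFORM_SECRET, "developer-A", user)

    # Another developer's apps see an unrelated value for the same user,
    # so the two cannot join their records on this ID alone.
    id_other = scoped_user_id(PLATFORM_SECRET, "developer-B", user)

    return {"restored": store.restore(id_after),
            "stable": id_before == id_after,
            "linkable": id_before == id_other,
            "other_dev_restore": store.restore(id_other)}
```

The derivation is identical whether the ID keys a private backup or is forwarded to a third-party analytics service; only the second use turns it into tracking data, which is why the API call alone cannot determine the privacy label.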
 
This is what I was worried about when I found out that the app labels are provided by the developers instead of generated systematically. Hopefully Apple holds developers accountable when they are caught lying about the data collected.

It would be nice if Apple could find a way to systematically audit apps and cross reference that with what the developers report they collect. I suspect this would not really be feasible or 100% accurate.
 
What planet has Apple been living on? They should have noticed by now that it’s inhabited primarily by idiots and a**holes.
 
it's a start, and hopefully Apple will evolve this so that apps get banned from the App Store if they continue to provide false information ...
 
Seriously, do these privacy labels make any difference?!? Just look at Adobe apps, they track virtually EVERY piece of information available. And I’m guessing that has ZERO impact on whether anyone downloads their apps or not.
 
using it as a basis to ban apps and developers if they lie.
This highly! If the privacy label manifest doesn't match what exactly the app is doing, then here comes the ban hammer. It could be something as innocent as fudging or not understanding the privacy label filing properly, or they're trying to be all covert about what they're trying to do. It surprises me, in fact, that these privacy labels are tightly in concert with the operations and APIs they use. Then again, we're so far down the chain with 3rd party pods and what not, it'd be really hard to figure out what they're all really doing.
 
We need a way to hold the developers accountable for falsifying information about their app. Not the company who made it, the developers themselves. That way the industry will have motivation to police themselves and push back on any upper level type that suggests they should do otherwise. At the very least whoever pushes the app or update to the App Store should be individually identifiable and personally liable for the accuracy of their description.
Are we saying we're going to take developers to "developer jail" all because someone fudged the privacy label submission? I understand the "rogue" single developer trying to be slick with some no name app (which would be so dumb), but developers aren't usually the ones doing submissions.
 
Are we saying we're going to take developers to "developer jail" all because someone fudged the privacy label submission? I understand the "rogue" single developer trying to be slick with some no name app (which would be so dumb), but developers aren't usually the ones doing submissions.

What are you talking about? As used here, the term “developer” means the business entity or individual that submits the app. If company X lies about what an app does, the company will be punished, not the employees of the company.
 
If apple is making a business out of protecting our privacy, it must do it! This honor system is not sufficient. Any app that states “no data collected” must prove to apple that it does what it says

any app that lies, cheats, or distorts that info, should be removed and the developer banned.

They are working toward that. The next ios update makes it much harder to lie. But there are always ways that a developer can cheat - it’s a cat and mouse game. So, in the end, the best apple can do is make it hard, and make firm rules. When they learn the rules are broken, either through their own testing (which takes time and cannot possibly be done thoroughly for every app, and even if it were, would not necessarily catch everything), or via outside information, then they need to take action to punish the developer (and they’ve indicated they will do so).
 
What are you talking about? As used here, the term “developer” means the business entity or individual that submits the app. If company X lies about what an app does, the company will be punished, not the employees of the company.

Not in the quote I took reference to. It was at the reply, not the article. The person specifically says the developer, not the company. I understand rejecting the app.


We need a way to hold the developers accountable for falsifying information about their app. Not the company who made it, the developers themselves.
 
with apple having architected (?) the system from top to bottom, i'm kinda surprised these labels weren't automatically generated.

i am not surprised, however, that people weren't honest with the system.

Apple cannot see nor control what comes into the app and/or comes out. Knowing what the app does has nothing to do with the data you bring into the app. They can see what ip address or domain may be used but encrypted payloads? They can't. Do you want Apple to actually know what you entered and synced within apps like Bitwarden, 1Password, LastPass or whatever? Apple can't see all of the data, so the app review process is actually very limited. That's why the labels focus on what kind of data is being used and relies on the honor system, not how the app works.

Apple can only block communications between apps by isolating them, which they are doing as much as possible with the sandbox technology but the market doesn't want a total sandbox for each app; and a total sandbox is not possible as long as there is a connection to the web.

Everyone wants to be able to share data with other people, so there has to be a way to allow selective information to be shared between apps and that is the balance they have to deal with.

We need a way to hold the developers accountable for falsifying information about their app. Not the company who made it, the developers themselves. That way the industry will have motivation to police themselves and push back on any upper level type that suggests they should do otherwise. At the very least whoever pushes the app or update to the App Store should be individually identifiable and personally liable for the accuracy of their description.
Are you joking or have you never had a job that you're forced to do something against your beliefs or opinions? I have never had a job where I can choose not to do what I believe is the wrong thing to do.

You cannot fault the developers for doing their jobs.

The companies that hire these developers won't give a crap if they get fired or accountable, they'll hire another wave of starving student devs.

It won't work.
If apple is making a business out of protecting our privacy, it must do it! This honor system is not sufficient. Any app that states “no data collected” must prove to apple that it does what it says

any app that lies, cheats, or distorts that info, should be removed and the developer banned.
I agree but remember, Apple is already in the eyes of the antitrust regulators around the world now. Actions like this will punish Apple more, not these apps.

So, they have to balance between doing the legal stuff first by writing these into their app review submission, forcing the developers to display what they're doing publicly and only then can they make it look like it is not their fault.

They also have to be fair and equal to everyone as well. So, Apple should be accountable to the same policy as well.
 
We need a way to hold the developers accountable for falsifying information about their app. Not the company who made it, the developers themselves. That way the industry will have motivation to police themselves and push back on any upper level type that suggests they should do otherwise. At the very least whoever pushes the app or update to the App Store should be individually identifiable and personally liable for the accuracy of their description.
Developers do not do this type of work unless you are a VERY small team. Publishers/leadership is responsible for how it’s released and determines what to say. Any given developer typically only works on a small segment of the overall program.
 
Are we saying we're going to take developers to "developer jail" all because someone fudged the privacy label submission? I understand the "rogue" single developer trying to be slick with some no name app (which would be so dumb), but developers aren't usually the ones doing submissions.
Which is why I said, that at the very least the person who submitted the app should be liable for fraud. But by placing the risk on the developer they will be forced to check and make sure their work is accurately represented. I am not talking about jail. I am talking about treating it as fraud and dealing with it appropriately.
Are you joking or have you never had a job that you're forced to do something against your beliefs or opinions? I have never had a job where I have to do something that I don't believe is the right thing to do.

You cannot fault the developers for doing their jobs.

The companies that hire these developers won't give a crap if they get fired or accountable, they'll hire another wave of starving student devs.

It won't work.
Sure I can fault them. Holding the developer accountable means no one will work for the company if people have gone to jail/bankrupt while working for them. Or maybe they will have to make the job worth the risk.

I have a job where people ask me to do stuff off protocol all the time. But while it will make people more money, or their job easier, or make them happier, it's my career on the line. I could go bankrupt and potentially go to jail for some of the stuff people ask me to do. Taking privacy seriously means imposing the same expectations.
 
Developers do not do this type of work unless you are a VERY small team. Publishers/leadership is responsible for how it’s released and determines what to say. Any given developer typically only works on a small segment of the overall program.
But that allows the buck to be passed. Someone who didn't write the code can claim they didn't realize it. It's no different than holding the pharmacist responsible if opioids go missing, or a doctor who gives the thumbs up for a kid to play football again. Privacy is a serious issue and we need to take it seriously. That means holding someone individually responsible.

Honest developers should support this as it increases risk for them and therefore the salary they can demand.
 
Which is why I said, that at the very least the person who submitted the app should be liable for fraud. But by placing the risk on the developer they will be forced to check and make sure their work is accurately represented. I am not talking about jail. I am talking about treating it as fraud and dealing with it appropriately.

But you see what I'm saying here? The devs put together the app knowing that they are data collecting and report things as done. The publisher / submitter (who may not be in the development team, mind you) then fudges the privacy label work. All of a sudden, it's "fraud" and the developers are to blame.

Much like what others have said, it's not as easy to point the finger. There's nothing wrong with data collection or even data sharing. If the app doesn't match up with the label, just ban it. Calling it "fraud" has legal ramifications that can easily be corrected in this case with a legal agreement that any app that doesn't conform gets banned (like how it is today).
 
Be fair, com'on...they only pick up $5.5B in App Store commissions per annum, what do you think they can afford to do with that pittance?

Let's hope their responsibility levels rise as high as the pile of cash they make. This is insane, why are we submitting apps for review if the review does not catch the lie in the label!
 
Which is why I said, that at the very least the person who submitted the app should be liable for fraud. But by placing the risk on the developer they will be forced to check and make sure their work is accurately represented. I am not talking about jail. I am talking about treating it as fraud and dealing with it appropriately.

1. App submission can be and is automated.
2. The chain of responsibility is not the same across the industry. Large companies that have legal teams may actually enforce this (that's why Google hasn't submitted updates just yet) but 99% of the app store that only have 1-2 devs that may not even think about this. They may not know and to prove fraud is not always easy, you have to prove the person intentionally and knowingly did it with the intent to defraud their users.

Many apps use and include third party SDKs that may be doing the fraud part. In this case, the company that made the SDKs should be banned by Apple and taken to courts if they're knowingly defrauding the developers and users.

It's not as simple as you make it sound.

Sure I can. I have a job where people ask me to do stuff off protocol all the time. But while it will make people more money it's my career on the line. I could go bankrupt and potentially go to jail for some of the stuff people ask me to do. Taking privacy seriously means imposing the same expectations.
Privacy is not protected as a whole in US, there's nothing illegal about what Facebook, Google, and others are doing.

Until we have an actual privacy legislation that does protect user's data, there's nothing Apple can do but to ban them on their private platform. But Apple cannot freely do this because they can be considered as a monopoly by antitrust regulators in certain regions where they have to prove it doesn't benefit them. Banning Google can benefit Apple's services, so this can backfire onto Apple entirely.

That's why Facebook hasn't been banned at all despite being sued and losing a few cases.

It's why Google hasn't been banned despite losing and paying out millions to users whose location data was being tracked and shared because of them not following Safari's privacy setting.

Proving fraud is not that easy at all.
 
Why does iOS create the Identifier for Advertisers (IDFA) in the first place? I say let the user disable that entirely if he or she wishes. If there is no IDFA to begin with, then no IDFA can be shared.
 
I don't really like the idea that Apple comes up with this privacy label idea just for devs to lie on them, because Apple always likes to brag about how much they care about privacy, and we're supposed to assume we can trust them and their privacy labels now. It's too reactionary and relies too much on the honesty of devs, if they even update their apps (looking at you, Google). But I guess catching them lying is better than nothing...
they are not apple's privacy labels, they are the dev's info. Says nothing about trusting Apple or not. But wait until the gatekeeper locks the door, then the lying devs will be turned off (I hope). "Oh, we don't use your data, but please click this ok button to authorize us using your data, k?"
 