Google Play store application icon on mobile phone screen showing privacy labels for Android apps

New Apple-Like Privacy Labels Come to Google Play’s Android Apps

Google Play has responded to one of Apple’s key privacy features, the “nutrition labels” that tell users what data apps are using at a glance, with its own similar version. Android apps will now have their own privacy labels that contain information on data sharing with third parties, encryption, appropriateness for children and more.

The information displayed is very similar to what is seen on Apple’s privacy labels, but it remains to be seen if Google Play effectively enforces the inclusion of accurate information about Android apps, something that Apple has struggled with thus far.

Google Play’s Android apps add easy-to-read privacy information

The privacy labels are not yet available for Android apps as of this writing, but are scheduled to roll out over the coming weeks. July 20 will be the final deadline for advertisers to disclose the required information.

The privacy labels will be displayed when Android apps are downloaded, and can also be found in the new safety section of Google Play Data (which will roll out gradually to users as a Google Play update).

The plan was first introduced in 2021, and has gone through some minor changes since. The final version essentially attempts to one-up Apple’s privacy labels by adding more information about the developer’s data security policies, allowing users to see not just what data is being requested but also to get a sense of how trustworthy each of their Android apps is.

One major difference between the two platforms remains, however; while Apple requires developers to collect user permission for targeted advertising, and requires the apps to continue to provide full function even if the user declines, Google Play will not have a similar requirement. The new Android privacy labels do require developers to disclose more information about personal information collected for advertising purposes and exactly how it is being used, but it does not forbid them from restricting or denying app access if the end user does not want to be tracked. Android developers will be given roughly a paragraph’s worth of text on the privacy labels to make their case to users as to why this personal information collection is necessary for app function.

Android privacy labels similar to Apple, but with some tweaks

Google has confirmed that the privacy labels will contain the type of data collected and the purpose for it, whether the data is being shared with any third parties, available security practices (such as encryption of data in transit), user ability to access and delete data, whether the app meets a security standard, and whether the app follows the Google Play Families Policy (designed for child protection).

But the exact content of the privacy labels is irrelevant if Google Play is not enforcing the inclusion of accurate information. This is an area in which the company has an opportunity to distinguish itself from Apple, which has struggled to ensure that its privacy labels are actually telling users the truth about apps. When the Apple privacy labels first became available in early 2021, a Washington Post review found that a sampling of popular and often-downloaded apps had worryingly high rates of inaccurate label information. Apple promised to step up the process of conducting random audits to improve enforcement.

There was not any sort of large-scale investigation or follow-up study of this until April 2022, when Carnegie Mellon University’s CyLab published an academic analysis that found compliance continues to be “so-so.” The study found that half of sampled apps did not even have the required privacy label, and nine of a sample of 12 apps had errors on their labels.

Information displayed is very similar to what is seen on Apple's #privacy labels, but it remains to be seen if Google Play effectively enforces the inclusion of accurate information about Android apps. #respectdataClick to Tweet

In terms of enforcement, the policies of the two platforms are the same: Android apps can be blocked from updating or even removed from Google Play if they fail to provide accurate privacy label information, at least on paper, and all Android apps (including those that do not collect any user data) are required to do this. Google has not yet specified what its enforcement plan is going to be, only saying that it has “systems and processes” in place that it is “continuously working to improve.” Another factor in the success of this plan may be how prominent the labels are in the browsing and download process for Android apps, as studies have shown that consumers often remained unaware of the Apple privacy labels long after their introduction.

 

Senior Correspondent at CPO Magazine