Friday, February 24, 2023

A whole host of top Android apps really aren't as private as they say

The most popular Android apps aren't as private as they want users to believe, new research carried out by Mozilla has found.

The company, which is behind one of the most secure browsers around, found about 80% of Google Play Store apps' privacy labels to be misleading or false. 

Twitter and TikTok, for example, are infamous for sharing a vast array of users' data with third parties, despite Google labels claiming the opposite.  

"Google must do better"

Mozilla compared privacy policies and Google's labels of the 40 most popular apps in Google Play, 20 of the best free Android apps and 20 premium services. For each app, it was assigned a score of "Poor," "Need improvements" and "OK" based on the discrepancies between their policies and the information reported on the nutrition tags.

What they found was pretty concerning. Only 6 out of 40 apps reviewed obtained a positive rating. The majority of those (16 applications including Facebook, Minecraft and Twitter) got deemed as "Poor." While, among those sat in the middle grade there are YouTube, Google Maps, Gmail, WhatsApp and Instagram. Three apps didn't even have any record of privacy labels.

Experts attribute such results as the outcome of some serious loopholes into the Google's Data Safety Form, making it easy for developers to provide misleading or false information. 

Being aware of online services' data retention and sharing practices is vital for users to have control over their privacy. That's why, following Apple's footsteps, Google Play introduced such labels in April 2022 to help them easily understand exactly how much data their Android apps are collecting.

Researchers said that Google privacy labels repeatedly fail to help consumers make more informed decisions before downloading one of its 2.7 million active apps. 

"Consumers care about privacy and want to make smart decisions when they download apps. Google’s Data Safety labels are supposed to help them do that. Unfortunately, they don’t. Instead, I’m worried they do more harm than good," said Jen Caltrider, Project Lead at Mozilla. 

While app makers need to self-declare the data they collect and share, Google seems to absolve itself of the responsibility to verify whether or not the information compiled is true.

Furthermore, the company even exempts developers from disclosing details around any data sharing with “service providers.”      

"Consumers deserve better. Google must do better," said Caltrider.

Google rejected such allegations. The Big Tech giant argues that Mozilla's arbitrary scores are not helpful to correctly evaluate neither the apps' safety nor the labels' accuracy "given the flawed methodology and lack of substantiating information" - TechCrunch reported

However, Mozilla's report isn't the first of this kind. Apple's privacy tags have previously been accused to give out false details about how its apps collect and share users' data. 

For this, Mozilla believes that both Google and Apple should adopt a universal standardized data privacy system form on their platforms. The provider also recommends the Big Tech firms to take transparent actions against those apps that self-declare misleading information about their privacy policies to ensure users are presented with accurate information at all times.     

"Google Play Store's misleading Data Safety labels give users a false sense of security. Honest nutrition labels help us eat better. It's time we have honest data safety labels to help us better protect our privacy."



source https://www.techradar.com/news/a-whole-host-of-top-android-apps-really-arent-as-private-as-they-say

Blackhat Marketing Scripts / Applications
Twitter Bird Gadget