What we learned from Apple’s new privacy labels

We all know that apps collect our data. However, one of the few ways to find out what an app does with our information involves reading a privacy policy.

Let’s be realistic: nobody does that.

At the end of last year, Apple introduced a new requirement for all software developers who publish applications through its App Store. Applications must now include so-called privacy labels, which list the types of data being collected in an easy-to-read format. The labels resemble a nutrition label on food packaging.

These labels, which started appearing on the App Store in December, are the latest attempt by technology designers to make data security easier for all of us to understand. You may be familiar with previous iterations, such as the lock symbol in a web browser. A locked padlock tells us that a website is trusted, while an unlocked one suggests that a website may be malicious.

The question is whether Apple’s new labels will influence the choices people make. “After they read or look, does that change the way they use the app or prevent them from downloading the app?” asked Stephanie Nguyen, a scientist who studied user experience design and data privacy.

To test the labels, I examined dozens of applications. Then I focused on the privacy labels for the WhatsApp and Signal messaging apps, the Spotify and Apple Music streaming apps, and for fun, MyQ, the app I use to open my garage door remotely.

I learned a lot. The privacy labels showed that apps that look identical in function can differ greatly in the way they handle our information. I also found that a lot of data collection happens when you least expect it, including inside products you pay for.

But while labels are often enlightening, they sometimes create more confusion.

To find the new labels, iPhone and iPad users with the latest operating system (iOS and iPadOS 14.3) can open the App Store and search for an application. Within the application description, look for “Application privacy”. That’s where a box with the label appears.

Apple has divided the privacy label into three categories so that we can have a complete view of the types of information an application collects. They are:

  • Data used to track you: This information is used to track your activity on apps and websites. For example, your email address can help identify that you were also the person using another application in which you entered the same email address.

  • Data linked to you: This information is linked to your identity, such as your purchase history or contact information. Using this data, a music app can see if your account has purchased a particular song.

  • Data not linked to you: This information is not directly related to you or your account. A mapping application can collect data from motion sensors to provide turn-by-turn directions for everyone, for example. It does not save this information in your account.

Now let’s see what these labels reveal about specific applications.

Superficially, WhatsApp, which belongs to Facebook, appears to be almost identical to Signal. Both offer encrypted messaging, which scrambles your messages so that only the recipient can decrypt them. Both also rely on your phone number to create an account and receive messages.

But their privacy labels immediately reveal how different they are under the hood. Below left is the privacy label for WhatsApp. On the right is the one for Signal:

The labels immediately made it clear that WhatsApp uses our data much more than Signal. When I asked the companies about this, Signal said it made an effort to take less information.

For group chats, WhatsApp’s privacy label showed that the app has access to user content, which includes group chat names and group profile photos. Signal, which does not do so, said it has designed a complex group chat system that encrypts the content of a conversation, including the people who participate in the chat and their avatars.

For people’s contacts, WhatsApp’s privacy label showed that the app can gain access to our contact list; Signal does not. With WhatsApp, you have the option of uploading your address book to the company’s servers so that it can help you find your friends and family who are also using the app. But with Signal, the contact list is stored on your phone and the company cannot touch it.

“In some cases, it is more difficult not to collect data,” said Moxie Marlinspike, the founder of Signal. “We work hard to design and build technology that we don’t have access to.”

A WhatsApp spokeswoman referred to the company’s website explaining its privacy label. The site said WhatsApp could gain access to user content to prevent abuse and bar people who may have broken the law.

Then I looked closely at the privacy label for an apparently innocuous application: MyQ, by Chamberlain, a company that sells garage door openers. The MyQ app works with a $40 hub that connects to a Wi-Fi router so you can open and close the garage door remotely.

Here’s what the label says about the data the app has collected. Warning: it’s long.

Why does a product I paid for to open my garage door track my name, email address, device identifier and usage data?

The answer: for advertising.

Elizabeth Lindemulder, who oversees the Chamberlain Group’s connected devices, said the company collected data to target ads to people across the web. Chamberlain also has partnerships with other companies, such as Amazon, and the data is shared with partners when people choose to use its services.

In that case, the label successfully made me stop and think: Ew. Maybe I’ll go back to my old garage remote, which has no Internet connection.

Finally, I compared the privacy labels of two music streaming apps: Spotify and Apple Music. This experiment, unfortunately, took me down a rabbit hole of confusion.

Just look at the labels. Below left is the one for Spotify. On the right is the one for Apple Music.

They look different from the other labels featured in this article because they are just previews – the Spotify label was so long that we were unable to display it in its entirety. And when I focused on the labels, they both contained terminology so confusing or misleading that I couldn’t immediately connect the dots on what our data was used for.

One piece of jargon in Spotify’s label was that it collected people’s “coarse location” for advertising. What does that mean?

Spotify said that this applies to people with free accounts that receive ads. The app extracts information from the device to get approximate locations so that it can play ads relevant to where those users are. But most people are unlikely to understand this by reading the label.

The Apple Music privacy label suggested that it linked your data to you for advertising purposes – even though the app doesn’t show or play ads. Only on the Apple website did I find out that Apple Music analyzes what you listen to so that it can provide information about upcoming releases and new artists that are relevant to your interests.

Privacy labels are especially confusing when it comes to Apple’s own apps. That’s because, while some Apple apps appeared on the App Store with privacy labels, others didn’t.

Apple said that only some of its applications – such as FaceTime, Mail and Apple Maps – can be deleted and downloaded again from the App Store, so they can be found there with privacy labels. But the Phone and Messages apps cannot be deleted from devices and therefore have no privacy labels on the App Store. Instead, the privacy labels for these apps are in support documents that are hard to find.

The result is that the data practices of Apple’s own applications are less straightforward. If Apple wants to lead the conversation on privacy, it can set a better example by making the language clearer – and its labeling program less self-serving. When I asked why all applications should not follow the same standards, Apple did not address the issue further.

Nguyen, the researcher, said that much needed to happen for privacy labels to be successful. In addition to changing behavior, she said, companies need to be honest when describing their data collection. Most importantly, people must be able to understand the information.

“I can’t imagine my mother stopping to look at a label and saying, ‘Let me see the data linked to me and the data not linked to me,’” she said. “After all, what does this mean?”
