Energy and Commerce Committee Chairman Frank Pallone, Jr. (D-NJ) and Consumer Protection and Commerce Subcommittee Chair Jan Schakowsky (D-IL) wrote to Apple CEO Tim Cook today urging review and improvement of Apple’s new App Privacy labels in light of recent reports suggesting they are often misleading or inaccurate.
The new privacy labels - which purportedly help users better understand an app’s privacy practices before they download the app on any Apple platform - appear as simplified boxes on each app’s product page succinctly summarizing the app’s data collection practices. However, recent reports found that approximately one third of evaluated apps with “Data Not Collected" labels were found to in fact collect data. In one case, a “slime simulator" app was found to have shared identifying information with major tech companies and data about the phone’s battery level, storage, general location, and volume level with a video game software development company, even though its label suggested that the app collected no data at all.
“According to recent reports, App Privacy labels can be highly misleading or blatantly false. Using software that logs data transmitted to trackers, a reporter discovered that approximately one third of evaluated apps that said they did not collect data had inaccurate labels," wrote Pallone and Schakowsky. “A privacy label is no protection if it is false. We urge Apple to improve the validity of its App Privacy labels to ensure consumers are provided meaningful information about their apps’ data practices and that consumers are not harmed by these potentially deceptive practices."
The lawmakers acknowledged simplifying and enhancing privacy disclosures is a laudable goal, but warned that consumer trust in privacy labeling approaches may be undermined if Apple’s App Privacy labels disseminate false and misleading information.
In addition to their request for improvements, the Chairs also requested written responses to a series of questions, including:
* Details on the process by which Apple audits the privacy information provided by app developers and how frequently audits are conducted;
* How many of the apps audited since the implementation of the App Privacy label were found to have provided inaccurate or misleading information;
* Whether Apple ensures that App Privacy labels are corrected upon the discovery of inaccuracies or misleading information; and
* Details regarding Apple’s enforcement policies when an app fails to provide accurate privacy information for the App Privacy label.
