Android app privacy policies contain contradictions about data collection
Misleading privacy polices could lead to big fines
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
A new study has has shown that the privacy policies of a large number ofAndroid appson theGoogle Play Storecontain contradictions when it comes to how they collect user data.
In an effort to better understand the language used in the privacy policies of popular apps, researchers created a tool calledPrivacyLintwhich they used to analyze the privacy policies of 11,430Play Storeapps. They found that just over 14 percent (1,618 apps) of apps have privacy policies with logical contradicting statements about data collection.
For example, some of the privacy policies stated in one section that they do not collectpersonal data, though in subsequent sections they went on to contradict themselves by stating that they collect emails or customer names, both of which are personally-identifiable information.
Auto-generated privacy policies
The research team was unable to determine why app makers used contradictory statements in their privacy polices but some of them believe the end goal is to mislead any users that actually take the time to read the policies.
However, the reason behind these contradictory statements in regard to data collection is actually a lot simpler in some cases. The research team found 59 apps used online services to auto-generate a privacy policy. Upon further investigation, they discovered that the self-contradicting statements used in these privacy policies were actually part of a template used by the online services utilized by app makers.
Unfortunately though, the vast majority of other privacy policies were unique to each app and were not created using online services. In these cases, the app makers are susceptible to fines fromprivacy watchdogsin the EU and US, according to the research team.
In order to verify the accuracy of the PolicyLint tool, the researchers took a sample of 510 privacy policies with contradictory statements and then verified them manually. Of these 510 apps, the team found contact emails for 260 developers and emailed them about their findings. However, only 11 responded back and just three developers corrected their privacy policies to remove the contradictions.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
ViaZDNet
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
Rising AI threats are making firms turn back to human intelligence
Thousands of employees could be falling victim to obvious phishing scams every month
Leica’s small new 4K laser projector is a very cool-looking way to get up to 300 inches of movie magic
