By Alex Psilakis
Google recently launched two major updates aimed at enhancing user privacy and security.
First, Google announced a multi-year effort to develop a Privacy Sandbox on Android. The Privacy Sandbox aims to provide new, more private advertising solutions including limiting the sharing of user data with third parties, and operating without cross-app identifiers, such as Advertising ID. The Privacy Sandbox also seeks to make it safer for apps to integrate with advertising Software Development Kits (SDKs). We believe this approach towards SDKs is especially promising, given that we have previously called on Google to take enforcement action on the inappropriate use of SDKs.
Second, Google launched its Privacy Labels requiring app developers to provide far more information to users about the personal data they collect and share. IDAC has closely followed Google’s development of Privacy Labels and we are pleased to see implementation beginning in the Play Store. Previously we have noted the importance of including in privacy statements information about the specific types of data collected and how each is used, as well as whether users have a choice in sharing personal data. As Google rolls out these new Privacy Labels, it must be transparent and cooperative with third party researchers, including independent watchdogs like IDAC, to ensure these changes have the desired effect to better protect individual user privacy.
These are strong steps in the right direction, though we remain concerned that, because Google and Apple possess different disclosure requirements, both developers and consumers will face unnecessary confusion. For instance, while Google’s privacy labels require that developers share the degree to which users can trust that their data is being handled responsibly, Apple’s labels force companies to disclose what data is being collected. As a result, developers will have to provide different privacy-related information if they wish to publish apps on both the Google Play Store and Apple App Store.
Given the constantly-shifting landscape and varying requirements between platforms, there is an immediate need for bolstered education and accountability. The presence of a clear code that all mobile app platforms implement and developers follow could help eliminate this confusion.
IDAC will continue to follow developments around these important privacy settings and work with platforms and developers to ensure that these programs help develop a mobile app ecosystem that prioritizes and protects consumer privacy.