Apple app store labels a win for data privacy culture
- Apple’s app privacy ‘nutrition labels’ will make it clear what data apps are collecting
- A landmark for privacy by big tech, they’ll serve as a prominent display of exactly what data is being used and shared
- This could urge a culture of pro-privacy app development, and make it easy for consumers and enterprises to select data-secure apps
In a world dominated by Big Tech and shady data practices, Apple has taken a big step toward transparency with the launch of App Privacy Nutrition Labels.
These provide users with a rundown of what kind of data is collected and shared by each app before they download it.
That is, any data that is transmitted from a device in a way that makes it possible for third-party partners to access for a period longer than what’s necessary to service the transmitted request in real-time. That could include anything from financial and location data to browsing and purchase history.
And third-parties refers to anything from analytics tools, ad networks, SDKs, or other vendors whose code developers have added.
“For food, we have nutrition labels. You can see if it’s packed with protein, loaded with sugar, or maybe both – all before you buy it,” said Erik Neuenschwander, Apple’s director of user privacy, when the labels were teased earlier in the year.
“So we thought it would be great to have something similar for apps.”
Labels describe data “used to track you”, such as that used by advertisers; data “linked to you”, or information tied to the user’s identity through their app store account; and data “not linked to you”, which is data collected but not linked to an account.
There’s also a logo that indicates when an app collects no data at all, providing a differentiator for privacy-friendly app development, and empowering users with the clarity to make download decisions based on it.
And while some developers are set on developing apps that collect data beyond their product’s functionality, most app creators don’t collect data unnecessarily – the new labels give these developers the opportunity to demonstrate that.
For those that do rely on collecting large amounts of data, a requirement to signpost may urge them to rethink what data they’re collecting and whether it’s all necessary.
For enterprise app users, meanwhile, decisions to download apps for use on private business networks are a lot simpler. Apple’s labels offer IT teams a credible source of information on data use, making it a lot easier for businesses to approve applications for use on company devices.
Apple’s Privacy Nutrition Labels are the latest in a string of pro-privacy updates by the Californian tech giant over many years and set another visual precedent in acknowledging ever-growing demand for user control over data sharing.
Data collection will continue to grow exponentially for the foreseeable future, not just in apps, but in our growing reliance on IoT and other digital services and products in our day-to-day environments. As such, discussions around data privacy and transparency will continue to grow louder – brands and other organizations must address it or face growing resistance and mistrust.
Commenting on the news, Hilary Wandall, TrustArc’s SVP, privacy intelligence, and general counsel, said Apple’s new app privacy requirements were a “significant milestone” in the long-running debate between consumable privacy transparency and legal privacy notices.
“While multi-stakeholder attempts for more than a decade at layered privacy notices, privacy notice icons, privacy nutrition labels, and other forms of privacy notice templates have failed to gain broad traction, Apple’s requirements should serve as the tipping point for making privacy nutrition labels mainstream.”
Apple said that developers will be responsible for keeping responses accurate and up to date. If practices change, developers will have to update responses. If the data isn’t provided, the app won’t be allowed into the official Mac or iOS App Stores.
- NVIDIA achieves a breakthrough in chip manufacturing for ASML, TSMC, and Synopsys
- Adobe Firefly uses generative AI to create images
- GitHub Copilot X: Revolutionizing software development with GPT-4 integration
- Russian ransomware group Lockbit 3.0 leading cyber attacker in Malaysia
- Google Bard is here, but with plenty of disclaimers