Apple's App Store Privacy Labels Let Users Know How Apps Use Their Data

App Store shows you what's in store for your data

Apple is a consumer hardware company that makes most of its money by selling phones, computers, and accessories at premium prices.

It has been for a few years that Apple is adding some privacy features to make it more difficult for other companies to collect user data.

Making good on its promise to provide more transparency, Apple has updated its App Store to have privacy labels to show information about what kinds of user data various iOS apps collect.

The company first introduced the labels as “nutrition label” back during WWDC 2020. But on November, Apple disclosed that all apps on iOS, iPadOS, macOS, watchOS, and tvOS are required to provide the information for the labels, and they will have to be up to date and accurate every time a developer submits a new update.

Developers of apps should provide information needed for the labels by December 8th, or else risk losing the ability to update their apps.

And following that December 8 deadline, Apple is launching the feature officially for all iOS device owners running iOS 14.

In summary, Apple's privacy labels are more or less like Google's Play Store permission list for apps.

What it does, is breaking down data collection into different categories. In Apple's case, Apple is breaking data collection into three different categories:

  1. Data used to track you: This is to inform that the app is linking user data - like personal information, or data collected from their device, such as location data - with other data from other companies’ apps or websites for the purpose of targeted advertising or some other ad-related metric. Apple says it’s also using the term "track" to explain that apps can share user data with others, including data brokers.
  2. Data linked to you: label any data that can be used to identify the app's users. What this means, data gleaned from using the app or having an account with the service or platform, and any data pulled from the device itself that could be used to create a profile for advertising purposes.
  3. Data not linked to you: this portion of the privacy label clarifies when certain data types, like location data or browsing history, are not being linked to users in any identifiable fashion.

The labels aim to give Apple users an easier way to understand what sort of information an app collects across different categories.

And not just that, as the number of data types apps may collect from users are also explained.

For example, the labels can include things like personal contact information (e.g. address, email, phone, etc.); health and fitness information (eg. from the Clinical Health Records API, HealthKit API, MovementDisorderAPIs or health-related human subject research); financial information (e.g. payment and credit info); location (either precise or coarse); contacts; user content (e.g. emails, audio, texts, gameplay, customer support, etc.); browsing and search histories; purchases; identifiers like user or device IDs; usage and diagnostic info; and more.

To detail this even further, Apple's privacy details page has more general information about these labels.

Apple App Privacy
Credit: Apple

All apps are required to provide all the information to populate the labels, including Apple's own native apps.

But in the event an app doesn’t have an App Store product page because it cannot be removed, like the Messages app, Apple said that it is providing privacy label information on the web. Every piece of software on the App Store will also have its privacy label viewable on the web, too.

A few exceptions to the disclosure requirements, include data collected in optional feedback forms or customer service requests.

Developers are expected to understand not only what types of user data their apps may collect, but also how the data is ultimately used.

For example, if an app shares user data with a third-party partner, the developer must know what data that partner uses and for what purposes. And while developers need to disclose when they’re collecting data from Apple frameworks or services, they aren’t responsible for disclosing data collected by Apple itself.

"When you're checking out an app, you’ll get a summary of privacy practices to help you decide if it works for you. Apps you choose to download need your permission to access information like your photos or location — and you can always change your mind about what you share. Starting in early 2021, iOS 14 and iPadOS 14 will require developers to get your permission before tracking your activity across other companies‘ apps and websites for ads or data brokers," said Apple.

Apple’s decision to implement privacy labels is a big win for consumer privacy and could establish a new baseline for how app stores disclose data.

And when speaking about online privacy, it's difficult to not include Facebook into the discussion.

Facebook's iOS app has a long list of privacy labels
Facebook's iOS app has a long list of privacy labels. (Credit: Apple App Store)

Facebook is a social media company, or more specifically, an advertising company that makes money by harvesting detailed information about users in order to help advertisers target and tailor their messages for audiences who are most likely to respond.

On Facebook's app page on App Store, Facebook's privacy label is pretty long, detailing exactly what types pf user data the app collects and what it uses it for.

For example, App Store lists that Facebook is using contact information, identifiers, and other data to "track you," or to help target ads on other apps and websites that Facebook doesn't own. Facebook also collects a variety of data linked to users' identity, according to its privacy label, including health and fitness data, purchases, location, and contacts.

If users tap "See Details," it's revealed that Facebook uses "other financial information" and user content to target ads and collects "sensitive info" for its own analytics.

But perhaps the most memorable part of Facebook's privacy label is how long it is.

When viewed on a phone, the privacy labels occupy several screens.

Nothing at all surprising, but again giving the strong impression that Facebook is collecting a massive amount of data from its billions of users.

Indirectly, the privacy labels show why Apple and Facebook are in conflict. Since newer versions of iOS, Apple is trying to make itself a more privacy-oriented company than ever before, making it a polar opposite to Facebook.