Privacy labels provide an easy and recognizable overview of data collection practices adopted by mobile apps developers. Specifically, on the Apple App Store, privacy labels are displayed on each mobile app's page and summarize what data is collected by the app, how it is used, and for what purposes it is needed. Starting from the release of iOS version 14.3 developers are required to provide privacy labels for their applications. We conducted a large-scale empirical study, collecting and analyzing the privacy labels of 17, 312 apps published on the App Store, to understand and characterize how sensitive data is collected and shared. The results of our analysis highlight important criticalities about the collection and sharing of personal data for tracking purposes. In particular, on average free applications collect more sensitive data, the majority of data is collected in an unanonimyzed form, and a wide range of sensitive information are collected for tracking purposes. The analysis provides also evidence to support the decision-making of users, platform maintainers, and regulators. Furthermore, we repeated the data collection and analysis after seven months, following the introduction of additional run-time tracking controls by Apple. Comparing the two datasets, we observed that the newly introduced measures resulted in a statistically significant decrease in the number of apps that collect data for tracking purposes. At the same time, we observed a growth in overall data collection.
Luca Scoccia, Gian; Autili, Marco; Stilo, Giovanni; Inverardi, Paola. (2022). An empirical study of privacy labels on the Apple iOS mobile app store. In Proceedings of the 9th IEEE/ACM International Conference on Mobile Software Engineering and Systems, MobileSoft@ICSE 2022 (pp. 114- 124). Doi: 10.1145/3524613.3527813. https://dl.acm.org/doi/10.1145/3524613.3527813.
An empirical study of privacy labels on the Apple iOS mobile app store
Giovanni StiloMethodology
;
2022
Abstract
Privacy labels provide an easy and recognizable overview of data collection practices adopted by mobile apps developers. Specifically, on the Apple App Store, privacy labels are displayed on each mobile app's page and summarize what data is collected by the app, how it is used, and for what purposes it is needed. Starting from the release of iOS version 14.3 developers are required to provide privacy labels for their applications. We conducted a large-scale empirical study, collecting and analyzing the privacy labels of 17, 312 apps published on the App Store, to understand and characterize how sensitive data is collected and shared. The results of our analysis highlight important criticalities about the collection and sharing of personal data for tracking purposes. In particular, on average free applications collect more sensitive data, the majority of data is collected in an unanonimyzed form, and a wide range of sensitive information are collected for tracking purposes. The analysis provides also evidence to support the decision-making of users, platform maintainers, and regulators. Furthermore, we repeated the data collection and analysis after seven months, following the introduction of additional run-time tracking controls by Apple. Comparing the two datasets, we observed that the newly introduced measures resulted in a statistically significant decrease in the number of apps that collect data for tracking purposes. At the same time, we observed a growth in overall data collection.
| File | Dimensione | Formato | |
|---|---|---|---|
|
3524613.3527813.pdf
Open Access
Tipologia:
Versione dell'editore
Licenza:
Tutti i diritti riservati
Dimensione
1.54 MB
Formato
Adobe PDF
|
1.54 MB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
