Why it matters: Over the last few years, Apple and Google have made app developers on their platforms include nutrition label-style privacy sheets on store pages. They're supposed to give users a good idea of what information apps collect and share, but Mozilla claims to have poked some holes in Google's Android app store policy.

This week, Mozilla released a study chiding Google for flaws in its Android Play Store app privacy label system. The Firefox developer found many discrepancies between what app developers say on the Play Store and what's in each app or service's privacy policy.

The biggest offenders were games like Minecraft, Hitman Sniper, Grand Theft Auto: San Andreas, Need For Speed: Most Wanted, Monument Valley, and more.

Big social media apps also fared poorly in Mozilla's analysis. Facebook, Snapchat, and Twitter had the least accurate Play Store labels, while YouTube, Google Chrome, Gmail, WhatsApp, Instagram, TikTok, and Spotify did slightly better.

Click to enlarge

For example, TikTok's Play Store page says it doesn't share any data with third parties, but the company's privacy policy says it shares technical and usage information with third parties. Comparing Twitter's Play Store page with its privacy policy shows a similar inconsistency.

The Data Safety information on Google Play Store pages and the App Privacy details on Apple App Store pages are supposed to inform users about what information an app collects or shares. They say whether an app collects and shares contact information, location, email address, browsing history, search history, financial information, etc. Apple started its program in 2020, while Google followed suit in 2022.

The Washington Post checked Apple's labels in 2021 against what anti-surveillance software said the apps were sharing. The results showed that many iOS apps shared more than what their App Privacy details disclosed. Mozilla compares its study to the Post's report.

Click to enlarge

One of the biggest problems is that both tech giants trust developers to accurately report what their apps share. Apple's App Store pages admit this in fine print, but Mozilla found that Android's Play Store doesn't. Mozilla recommends that both should disclose their honor systems in plain language.

Furthermore, the Firefox developer finds Google's definitions of "collection" and "sharing" too narrow, possibly letting developers deceive users. Mozilla also doesn't like Google's exemption of anonymized data from label requirements due to doubts about whether data can truly be anonymized.

Mozilla checked 40 of the most popular Android apps and found discrepancies on 80 percent of their Play Store pages compared to their privacy policies. The apps had different levels of incongruity, but 40 percent (16 apps) had severe inconsistencies. Another 37.5 percent (15 apps) had moderate discrepancies, and only 15 percent (6 apps) had little to no difference.