Loopholes in Google’s Data Safety Labels Keep Companies in the Clear and Consumers in the Dark

Few people stop to question the accuracy of nutrition labels on packaged food. But food labeling wasn’t always so trustworthy. Companies found it relatively easy to make false and misleading health claims on food packaging until the U.S. Supreme Court cracked down on the practice in 1973, and the U.S. Food and Drug Administration (FDA) didn’t introduce its standardized, mandatory “Nutrition Facts” label until 1990. It took three decades from when nutrition labels first appeared on food to when they provided consumers with accurate, useful information about what they were eating. Today, nutrition labels have become so trusted that they’re even required on fast food menus.

When it comes to knowing how online apps use our personal data, consumers are still largely unprotected, similar to the landscape in the early years of nutrition labeling. Mozilla began its *Privacy Not Included project in 2017 to make it easier for consumers to assess the privacy and security features of products that connect to the internet before they make a purchase.

Mozilla’s latest research tested Google’s new data transparency system, its Play Store’s Data Safety Form, to see how well it helped people understand what personal information an app collects and shares. In 2021 alone, Google Play’s mobile apps generated $48 billion U.S. dollars in worldwide gross revenue.

When we identified 40 of the Play Store’s most popular apps by number of global downloads and compared their privacy policies with the information they reported on Google’s Data Safety Form, we found significant discrepancies:

More at https://foundation.mozilla.org/de/campaigns/googles-data-safety-labels/