[ad_1]
“If we become aware that a developer has provided inaccurate information in the data security form and violates our policy, we ask them to correct the issue to bring them into compliance. Non-compliant applications are subject to check“, has declared Google to Mozilla researchers. The company did not respond to questions about Wired US about the nature of its checks or their frequency.
Google’s answer
However, Google rejects the methodology used by the researchers: “This report confuses company-wide privacy policies, which are intended to cover a variety of products and services, with individual data security labels, which inform users about the data collected by a specific app – specifies the company in a press release -. The arbitrary ratings that the Mozilla Foundation has given to apps are not a useful measure of label safety or accuracy, given flawed methodology and lack of supporting information“.
In other words, Google claims that Mozilla researchers misunderstood the scope of the privacy policy they were looking at, or even consulted the wrong policy. In contrast, the researchers state that the privacy policies used in their analysis are exactly the rules linked by each developer on Google Play Storewhich would indicate that they actually apply to the apps in question.
“Google’s response to our research highlights the very problem we have highlighted – explains Caltrider of Mozilla -. What information consumers can trust and can they rely on if the information declared by the app developers in the Data Security section is different from the privacy policies linked on the app page itself? Ultimately, our goal is to help Google give consumers what they need to make informed decisions about their privacy. This starts with Google’s improvement of data security information“.
Exceptions and poor reliability
Mozilla’s report also illustrates how Google’s current data security module creates shaded areas and opportunities that allow developers to omit information about how their apps behave and share user data. For example, the module provides broad reporting exemptions where developers share user data with “service providers” and for “specific legal purposes“. Researchers have found that the definitions used by Google for the words “collection” And “sharing” are limited, which means that developers may not be required to report activities that users might view as data collection and sharing. Mozilla also points out that Google does not require app developers to disclose data collection in case which information is anonymized This aspect is particularly noteworthy when considered in the context of the debates on the possibility of truly anonymize the data and gods many precedents where developers have made mistakes trying to anonymize the data.
Google and Mozilla note that Google Play’s data security mechanism is still new. Researchers say it can be refined and thus become a valuable indicator for users. But without an urgent change, they argue, information related to data security currently they are more harmful than helpfuland provide users with an inaccurate picture of what is happening within their apps with regards to privacy.
.
[ad_2]
Source link
