Abstract:Privacy labels -- standardized, compact representations of data collection and data use practices -- are often presented as a solution to the shortcomings of privacy policies. Apple introduced mandatory privacy labels for apps in its App Store in December 2020; Google introduced mandatory labels for Android apps in July 2022. iOS app privacy labels have been evaluated and critiqued in prior work. In this work, we evaluated Android Data Safety Labels and explored how differences between the two label designs impact user comprehension and label utility. We conducted a between-subjects, semi-structured interview study with 12 Android users and 12 iOS users. While some users found Android Data Safety Labels informative and helpful, other users found them too vague. Compared to iOS App Privacy Labels, Android users found the distinction between data collection groups more intuitive and found explicit inclusion of omitted data collection groups more salient. However, some users expressed skepticism regarding elided information about collected data type categories. Most users missed critical information due to not expanding the accordion interface, and they were surprised by collection practices excluded from Android's definitions. Our findings also revealed that Android users generally appreciated information about security practices included in the labels, and iOS users wanted that information added.

What problem does this paper attempt to address?

The paper attempts to address the issue of evaluating the usability of Android Data Safety Labels and comparing their design with iOS App Privacy Labels to explore how different designs affect users' understanding of label information and the practicality of the labels. Specifically, the researchers addressed this issue through the following methods: 1. **Background Introduction**: The paper first introduces the shortcomings of privacy policies, which are often long, complex in terminology, and vague in language, making it difficult for users to accurately understand data practices. Therefore, privacy labels are proposed as a standardized and concise way to represent data practices to improve the shortcomings of privacy policies. 2. **Research Methods**: The researchers conducted a semi-structured exploratory interview study, recruiting a total of 24 participants, including 12 Android users and 12 iOS users. Each participant was shown the privacy labels of three applications and was asked to answer a series of factual questions about data usage practices, as well as their impressions and opinions on the label design. 3. **Research Objectives**: - Evaluate the usability of Android Data Safety Labels. - Compare the design differences between Android Data Safety Labels and iOS App Privacy Labels, particularly how these differences affect users' understanding and the practicality of the labels. 4. **Research Findings**: - Android Data Safety Labels have some issues similar to iOS labels, such as terminology misunderstandings and doubts about the credibility of the labels. - Some users found the information in Android labels to be rich and helpful, while others felt the information was too vague. - Compared to iOS labels, Android users found it easier to understand the distinction between data collection groups and felt the explicit listing of uncollected data types was more apparent. - Most users missed critical information because they did not expand the collapsed interface and were surprised by some data collection practices excluded in the Android definitions. - Android users generally appreciated the inclusion of security practice information in the labels, while iOS users wished for this information to be included in iOS labels as well. Based on these research findings, the paper proposes specific improvement suggestions aimed at enhancing the design of privacy labels in mobile app stores to better help users understand and manage their data privacy.

Data Safety vs. App Privacy: Comparing the Usability of Android and iOS Privacy Labels

The Overview of Privacy Labels and their Compatibility with Privacy Policies

An empirical study of privacy labels on the Apple iOS mobile app store

ATLAS: Automatically Detecting Discrepancies Between Privacy Policies and Privacy Labels

Honesty is the Best Policy: On the Accuracy of Apple Privacy Labels Compared to Apps' Privacy Policies

Are iPhones Really Better for Privacy? A Comparative Study of iOS and Android Apps

Are iPhones Really Better for Privacy? Comparative Study of iOS and Android Apps

Do Android App Developers Accurately Report Collection of Privacy-Related Data?

Privacy in Chinese iOS apps and impact of the personal information protection law

Longitudinal Compliance Analysis of Android Applications with Privacy Policies

How Developers Talk About Personal Data and What It Means for User Privacy

Analyzing Confidentiality and Privacy Concerns: Insights from Android Issue Logs

User Interaction Data in Apps: Comparing Policy Claims to Implementations

Goodbye Tracking? Impact of iOS App Tracking Transparency and Privacy Labels

Privacy concerns for mobile app download: An elaboration likelihood model perspective.

Analytics for "interaction with the service": Surreptitious Collection of User Interaction Data

Before and after China's new Data Laws: Privacy in Apps

Transparency in App Analytics: Analyzing the Collection of User Interaction Data

You can't always get what you want: towards user-controlled privacy on Android

Does the Presence of Privacy Relevant Information Affect App Market Choice?

A Security & Privacy Analysis of US-based Contact Tracing Apps