"Study Reveals iOS Privacy Labels Miss the Mark"

Researchers at Carnegie Mellon University (CMU) have been working for more than a decade to pioneer privacy nutrition labels, advocating for a quick and easy way to inform technology users about how their data is collected and used. Companies such as Apple and Google have recently begun requiring app developers to disclose this type of information in an effort to provide consumers with the information they need to make informed decisions. However, experts at CMU's CyLab Security and Privacy Institute have discovered that their current approach is failing due to difficult-to-find labels packed with confusing technical jargon. Traditional privacy policies are lengthy and filled with legalese, making them difficult to understand, according to Shikun Zhang, a Ph.D. student at the Carnegie Mellon School of Computer Science's (SCS) Language and Technologies Institute (LTI). Furthermore, reading through every privacy policy encountered would take a significant amount of time. The idea behind privacy nutrition labels is to standardize and summarize this information so that users can easily understand it. Zhang interviewed 24 iPhone users in a recent study to investigate their awareness, understanding, and perceptions of Apple's privacy labels. Participants were asked to review the data provided by two food delivery apps and provide feedback on how they interpreted the disclosures. The study's participants largely agreed on the importance of making this information available to users, but the findings reveal significant misconceptions and a general difficulty in understanding what the iOS privacy labels are really saying in their current form. According to Lorrie Cranor, CyLab director, people have difficulty understanding these for various reasons. One issue is that the terminology is difficult to understand. People make assumptions about what words like "tracking" mean when they hear them from Apple, based on everyday life. However, that assumed definition is not always consistent with what Apple means. Users also assume that if a privacy label does not mention a specific data type, it is not being collected, but companies are allowed to omit certain information from these labels if they meet requirements in the fine print. Another significant issue is a lack of awareness of the labels' existence. Privacy labels are currently listed so far down in app descriptions that users rarely scroll far enough to notice them. This article continues to discuss the study on the usability of iOS app privacy labels.  

CyLab reports "Study Reveals iOS Privacy Labels Miss the Mark"