Android applications contradict themselves with data collection |
Researchers have developed a tool called PolicyLint to analyze the language used in the privacy policies of up to 11,430 Android apps in the official Google Play store to prove the large number of Android mobile devices in the Google Play store. The app's privacy policy contains contradictory language. Learn about data collection methods.
Researchers found that 14.2% of the applications (1,618 applications) included privacy policies with logical data related to data collection. Examples include privacy policies, which in one section state that personal data is not available, and in the following discrepancy in the sections, it indicates that it collects emails or customer names.
Although the research team was unable to determine the intention of the app creator to use contradictory terms in its privacy policy, researchers believe that the main goal is to mislead users. If they plan to read the policy.
They also found evidence of the opposite, given that the research team found 59 applications using online services to create automatic privacy policies, and more research on online services revealed that contradictory data is part of the same model, not the app that the program creator added.
"I think we've found four or five different models, but the vast majority of other privacy policies apply to every application. It is unique and does not appear to be the result of an online service that creates the automatic privacy policy," said Benjamin Ando of IBM Research and one of the study's authors.
In this case, the research team said: These application manufacturers are penalized by data protection monitors in the European Union and the United States.
As part of the PolicyLint review process, the research team also manually reviewed and reviewed 510 privacy policy models with conflicting terms. Since this process includes a thorough analysis of the entire application policy, the research team has announced that the app manufacturer has warned of an incorrect privacy policy.
Among the 510 apps, the research team found that emails can communicate with 260 developers and notify them. Among 260 developers, 244 emails received and 16 invalid or unavailable emails.
Of the 244 emails sent, researchers received only 11 responses and only three developers corrected their instructions.
The results of the research are consistent with another study entitled "Discrepancies in the data protection policy for applications" starting in 2019, where a larger sample of Google Play Store applications were analyzed in another study to determine whether data practices were collected and what is specifically stated in the privacy policy .
The research team found that out of 68,051 requests, 10.5% analyzed personal data that was shared with third-party services and did not disclose the data in the privacy policy, and 22.2% of the applications clearly identified external parties in the partner agreement or its subsidiary. Privacy, parties collecting user data while hiding most applications