Data Safety vs. App Privacy: Comparing the Usability of Android and iOS Privacy Labels
Yanzi Lin, Jaideep Juneja, Eleanor Birrell, Lorrie Faith Cranor
TL;DR
The paper investigates how Android Data Safety Labels compare with iOS App Privacy Labels in usability and user comprehension. In a between-subjects, semi-structured interview study with 24 participants, the authors examine three apps on both platforms to reveal terminology misunderstandings, omissions, and design-level contrasts between the two label formats. They find that both designs suffer from vagueness and misinterpretation, with Android users more attuned to data-type details and iOS users more focused on data-use purposes, while both groups miss key information if sections are not expanded. The authors offer concrete design recommendations (clearer terminology, explicit reporting of absent data, integration of security-practice disclosures, and automated verification) to improve label effectiveness and trust for app stores and developers.
Abstract
Privacy labels -- standardized, compact representations of data collection and data use practices -- are often presented as a solution to the shortcomings of privacy policies. Apple introduced mandatory privacy labels for apps in its App Store in December 2020; Google introduced mandatory labels for Android apps in July 2022. iOS app privacy labels have been evaluated and critiqued in prior work. In this work, we evaluated Android Data Safety Labels and explored how differences between the two label designs impact user comprehension and label utility. We conducted a between-subjects, semi-structured interview study with 12 Android users and 12 iOS users. While some users found Android Data Safety Labels informative and helpful, other users found them too vague. Compared to iOS App Privacy Labels, Android users found the distinction between data collection groups more intuitive and found explicit inclusion of omitted data collection groups more salient. However, some users expressed skepticism regarding elided information about collected data type categories. Most users missed critical information due to not expanding the accordion interface, and they were surprised by collection practices excluded from Android's definitions. Our findings also revealed that Android users generally appreciated information about security practices included in the labels, and iOS users wanted that information added.
