Exploring the Effectiveness of Google Play Store's Privacy Transparency Channels
Anhao Xiang, Weiping Pei, Chuan Yue
TL;DR
The paper investigates how effectively Google Play Store's three privacy transparency channels, Data Safety (DS), Privacy Policy (PP), and Permission Manifest (PM), help users understand app privacy practices and assess installation risks. Through an online study with $n=190$ US participants and randomized channel sequences across four apps, the authors compare understanding, risk judgments, and overall opinions, revealing that PP is most informative, DS most intuitive, and PM best at elevating risk concerns, with channels showing complementary strengths. They introduce a reproducible web-based platform to simulate channel interfaces, design a five-set question protocol, and perform both quantitative analyses and qualitative coding to derive design and policy recommendations for app store providers, developers, and users. The findings highlight the need for integrated channel design improvements, such as adding inline explanations and better linking of data safety, policy, and permission information, to enhance user privacy awareness and decision making in app selection. The work translates into practical guidance for policymakers and platform operators to tighten privacy disclosures while remaining mindful of user workload and information overload.
Abstract
With the requirements and emphases on privacy transparency placed by regulations such as GDPR and CCPA, the Google Play Store requires Android developers to more responsibly communicate their apps' privacy practices to potential users by providing the proper information via the data safety, privacy policy, and permission manifest privacy transparency channels. However, it is unclear how effective those channels are in helping users make informed decisions in the app selection and installation process. In this article, we conducted a study for 190 participants to interact with our simulated privacy transparency channels of mobile apps. We quantitatively analyzed (supplemented by qualitative analysis) participants' responses to five sets of questions. We found that data safety provides the most intuitive user interfaces, privacy policy is most informative and effective, while permission manifest excels at raising participants' concerns about an app's overall privacy risks. These channels complement each other and should all be improved.
