Google Play Data Safety vs. Apple Nutrition Label
Last Updated: July 6, 2022
What are Apple’s iOS Privacy Nutrition Labels?
Apple iOS Privacy Nutrition Labels require developers to detail their data handling practices in the App Store Connect to help users learn at a glance what data will be collected by an app, whether that data is linked to them or used to track them, and the purposes for which that data may be used. Based on the responses, your App Store product page will be updated to include data about the app’s data collection and usage.
Responses are provided at the app level and should represent your app’s data practices across all platforms. This means developers should take a holistic approach to privacy and if your app collects more data on one platform than another, you should answer in the most comprehensive and inclusive way. Additionally, developers will need to provide information about their app’s privacy practices, as well as the practices of third-party partners whose code is integrated into your app.
What is Google Play Data Safety?
Google Play has announced that July 20, 2022, is the deadline to accurately fill out its Data Safety Form. The purpose of this form is to roll out a new Data Safety section to users that require app developers to properly disclose the data they collect, if and how it’s shared with third parties, security practices, and more. Like Apple’s Nutrition Labels, it provides an opportunity for users to make more informed choices through transparency.
Developers must declare how they collect and handle user data for the apps they publish on Google Play and provide information about how they protect this data through security practices such as encryption. Additionally, this includes data collected and handled by any third-party libraries or SDKs.
Differences: Apple Nutrition Label vs. Google Data Safety
Both sets of labels derive from the same concept of protecting user privacy and promoting transparency, but there are still some core differences. Apple’s Nutrition Labels mostly focuses on privacy – specifically, what data is being collected, including data used for tracking purposes, in addition to informing the user what data is linked to them. However, Google’s Data Safety labels go further by putting a bigger emphasis on transparency and trust – specifically whether you can trust that the data collection is being handled responsibly by allowing developers to detail if they follow best practices around data security. Most simply put, Apple Nutrition Labels are the ‘what‘ behind data collection and Google Data Safety is the ‘what and why‘ behind data collection and security practices.
Most importantly, Google Data Safety labels give Android developers an opportunity to provide more context behind their data collection. This allows developers to make their case as to how that data is used, such as for app functionality, personalization, etc., which gives users a better understanding when they make their decision to download the app. Also, users on Google Play will have the ability to see if that data collection is required or optional.
It’s essential developers read how each platform defines specific privacy terms so as to not under or overreport their app’s data collection and usage practices. For example, Apple tends to focus mostly on advertising and defines terms like “tracking” as data linked with third parties for advertising or advertising measurement purposes or shared with a data broker. Still, some developers took a broad approach to tracking and included location data or data used to track interactions which resulted in overreporting. It is worth noting that Google Data Safety is looking at both data types – precise location (GPS), and approximate location (Wi-fi/Bluetooth).
Similarly, Google requires developers to disclose data as “collected” if it is transmitted off the device, while Apple’s definition of data collection requires both transmission and backend storage. Also, iOS guidance specifies “You are not responsible for disclosing data collected by Apple”, while Google does not offer the same condition.
How CookiePro Helps
Ever since these concepts have been introduced and adopted there continues to be a large gap in developer privacy knowledge, overall understanding of the process to comply, and how to manage ambiguity. Additionally, the challenges of creating a privacy label may make developers reluctant to update their privacy labels in the long run.
CookiePro helps app developers understand and navigate complex privacy requirements while automating the process for quick future updates. CookiePro Mobile App Compliance & Scanner is constantly evolving to eventually give our clients the ability to:
- Review third-party SDKs integrated on your app
- Get an in-depth view of what data is collected by third-party SDKs & APIs
- Review data collection by Google Play data safety category, type, and purpose
- Our mobile app scan will detect and identify data categories and data types. It will make inferences for the purpose but will need review by developers
- Create an SDK and API data collection xlsx that can be exported to a .csv format
- Map data categories directly to GDPR articles
- Full end-to-end integrated workflow for OT assessment and mobile customers