If there’s too much sugar in that can of pop, will you stop drinking it?
If there’s too much data collected by that app, will you still download it?
Another daily dilemma for us to deal with: all the apps available through the Apple App Store now have to have a privacy nutrition label, that is, a full listing of the impacts your use of the app can have on your data privacy. So we have to decide if that’s good for us or not.
Like the label that tells us how much fat, how much sugar, how many calories are in that food item we’re about to eat, the privacy label tells us what kind of information is collected by the app, who makes use of that collected data and how, and how data remain linked to a person’s profile even after app usage.
Like many food labels, however, will the data label become so much wallpaper, ignored by the purchaser? Will the purchaser understand the details of what the label conveys? Will he or she act upon that understanding in a way that protects them (and by extension the rest of the online community) from data harm? In many ways, that is is up to us
By requiring and then presenting information about an app’s data collection activities, Apple is giving us tools to protect our personally identifying information online, to understand how that information is used by others, and to inform our ability to give or withhold consent.
The labels will be posted to the app’s page in the store, along with other descriptions of the app’s features and functions.
Again, just like the labels on food in the grocery store, the information on these new privacy labels is only useful if it is read, understood and acted upon.
But unlike the food labels in the grocery store (the contents of which are defined and monitored by the government and Health Canada), the Apple privacy labels contain self-reported information submitted by the app developers themselves.
The new labels are divided into sections, variously titled “Data Used to Track You”, “Data Linked to You” or “Data Not Linked to You”. By clicking on one of the titled sections, more specific details are shown, such as collected data being sub-divided into its own usage categories; there are six such categories, one being a rather disconcerting data use: “other purposes”.
Of course, specific actionable information about how our data is used (be it for tracking our website travels; detailing the time spent on certain websites; listing purchases we’ve made or products we’ve checked out; making recommendations to us about possibly related products or services; determining our current physical location, geographic home-base and routes taken between the two, and much, much more) should always be available to us.
It always should have been available.
Actually, the data label idea is not all that new: at least ten years ago, researcher at the Carnegie Mellon University CyLab in Pittsburgh, PA were working on a “privacy nutrition label” designed to make privacy policies easier to understand and compare. There’s an online demo of the lab’s Privacy Finder software, which although ten years old now is still described as “a work in progress”.
No one should be disinclined or unable to commit, control, protect and set boundaries for their own life (be it offline or on). But, as has been proposed here before, maintaining personal data privacy online takes some work by all concerned.
Some may be unwilling to do that work, however. App developers are pushing back against Apple’s label, even though resistance seems futile.
Facebook for example says it disagrees with the privacy feature but it has basically has no real market choice in the matter, because Apple can remove apps from its store if the app developers do not comply with the privacy feature and label requirements, such as requiring all apps that want to track users across different apps and websites to obtain their users’ explicit permission. As Craig Federighi, senior vice president of software engineering at Apple, told a European Data Protection and Privacy Conference, “[D]evelopers who fail to meet that standard can have their apps taken down from the App Store.”
* * *
As has been noted here before, consumer awareness, increased education, and provider transparency are crucial.
To that end, what if our favourite gadget or online service came with an info sheet that specifies not just data usage, but the good and the bad outcomes product usage may bring?
How about a owner’s manual that carefully describes the moral reckonings made by the developer and manufacturer before releasing their product?
We’re all used to reading product tech specs about processor speeds, screen resolutions, and bandwidth capabilities. How about specs detailing a social media company’s internal security protocols? Or a list of its work with third-party data aggregators?
Shouldn’t tech specs detail how the ethical obligations a product or service provider has to the consumer, to society, to the planet are being met?
Shouldn’t we all be screaming “Yes!” about now?
Some already are. Tech industry initiatives like Tech for Good, the Center for Humane Technology, Truth About Tech are looking at ways to mitigate the dilemma we’re all facing.
The more the tech manufacturing and marketing community joins in the crusade, the better.