Exploring the Effectiveness of Google Play Store's Privacy Transparency Channels

TL;DR

This study evaluates the effectiveness of Google Play Store's privacy transparency channels, revealing their strengths and weaknesses in helping users make informed app choices, and suggests improvements for all channels.

Contribution

It provides an empirical analysis of user interactions with privacy transparency channels, highlighting their complementary roles and areas for enhancement.

Findings

Data safety channels are most intuitive.

Privacy policy channels are most informative.

Permission manifest raises privacy concern awareness.

Abstract

With the requirements and emphases on privacy transparency placed by regulations such as GDPR and CCPA, the Google Play Store requires Android developers to more responsibly communicate their apps' privacy practices to potential users by providing the proper information via the data safety, privacy policy, and permission manifest privacy transparency channels. However, it is unclear how effective those channels are in helping users make informed decisions in the app selection and installation process. In this article, we conducted a study for 190 participants to interact with our simulated privacy transparency channels of mobile apps. We quantitatively analyzed (supplemented by qualitative analysis) participants' responses to five sets of questions. We found that data safety provides the most intuitive user interfaces, privacy policy is most informative and effective, while permission manifest excels at raising participants' concerns about an app's overall privacy risks. These channels complement each other and should all be improved.