Discrepancies between Google Play Store Data Safety labels and privacy policies were found for nearly 80% of apps that Mozilla researchers analyzed for a study, which reveals false or misleading statements.

Researchers set out to analyze Google’s Data Safety effectiveness and the accuracy of app publishers when filling out the form.

Few people question the labels on products, but Google Play Store Data Safety labels suggest they should.

Researchers found contradictions between the safety labels and privacy policies of app publishers. For example, the labels for TikTok and Twitter say neither share consumer personal data with third parties, but the apps’ privacy policies state they share user information with advertisers, Internet service providers, platforms, and numerous other types of companies. 

Some 16 out of 40 apps had major discrepancies between their privacy policies and their Data Safety Forms, including Minecraft and Facebook.

Fifteen apps received the middle grade, “Needs Improvement,” which indicated some discrepancies between the privacy policies and the Data Safety Form. These apps include YouTube, Google Maps, Gmail, Twitter, WhatsApp Messenger, and Instagram.

Just six of the 40 apps received an “OK” grade. These apps were Candy Crush Saga, Google Play Games, Subway Surfers, Stickman Legends Offline Games, Power Amp Full Version Unlocker, and League of Stickman: 2020 Ninja.

The study — See No Evil: How Loopholes in the Google Play Store Data Safety Labels Leave Companies in the Clear and Consumers in the Dark — analyzes whether Google’s Data Safety labels, which launched in April 2022, provide consumers with accurate information about how the store’s 2.7 million apps collect, use, and share personal data. 

For the study, Mozilla compared privacy policies and labels of the 20 most popular paid apps and the 20 most popular free apps on Google Play Store. Each label was assigned a rating of “Poor,” “Needs Improvement,” or “OK.”

Apps that received a “Poor” score had major discrepancies on their Data Safety Forms in terms of types of data shared or collected, or the purposes for which the data was shared or collected. Apps that earned an “OK” score had privacy policies that closely aligned with disclosures on the Data Safety Form, and apps that were graded with “Needs Improvement” fell somewhere in the middle.