10 Thoughts Regarding Apple’s New “Privacy Nutrition Labels” | Rothwell, Figg, Ernst & Manbeck, P.C.

0
5

In December 2020, Apple started requiring Apps to display mandatory labels that provide a graphic, easy-to-digest version of their privacy policies.  They are being called “privacy nutrition labels,” presumably a reference to the mandatory FDA-required “Nutrition Facts” labels that have appeared on food since 1990.  Below I offer ten thoughts related to these new labelling requirements.

  1. The idea for Apple’s labels may not have been Apple’s.  As reported by wired.com, in the early 2010s, academic researchers developed mobile app privacy label prototypes and ran tests in 20 in-lab exercises and an online test of 366 participants.  See here.  They found that by “bringing information to the user when they are making the decision and by presenting it in a clearer fashion, we can assist users in making more privacy-protecting decisions.”  For example, according to this Washington Post article, the “privacy nutrition labels” for the Zoom video chat app says it takes six kinds of data linked to your identity, while rival Cisco Webex Meetings says it collects no data beyond what’s required for the app to run.  Just like the “Nutrition Facts” on cereal boxes may influence what cereal box you buy, will “privacy nutrition labels” influence what Apps you download?
  1. While the aforementioned study shows that the new Apple “privacy nutrition labels” could be a game-changer for consumer purchasing behavior with respect to Apps, the real effects will likely depend on a number of factors, including how easy the labels are to understand, how consistently they present information across different products/Apps, where they are presented/how far down one has to scroll, visually how they are presented/whether they stand out to customers, the extent to which Apps “market” privacy and try to compete on privacy policies, and importantly, whether the presented information is accurate.
  1. On the topic of understanding the labels, it seems there is a long way for most consumers to go before they understand what to look for on a “privacy nutrition label.”  But, most users would at least understand that the longer the list of data that the App uses, the more invasive it is with regard to their privacy.  Here is a great article on how to read and understand “privacy nutrition labels,” including some of the key details that consumers may want to scan for.
  1. On the topic of presentation of the labels, my personal view is that Apple has a long way to go if it wants these labels to stand out.  When I first looked for one, I couldn’t find it – I just scrolled right on past it.  Now that I know what I’m looking for, it’s easier to spot.  It will be interesting to see the extent to which users are educated on looking for and using these labels.  It will also be interesting to see if (and how) Apple updates the look and feel of these labels in the future.  Or if an agency ever steps in and mandates similar labelling in the future, similar to the FDA’s “Nutrition Facts” labels.
  1. On the topic of “marketing” privacy and competing based on privacy promises, I think we are already there in some industries.  For example, see my prior blog post: “WhatsApp – An Example of How Companies Compete Based on Privacy.”
  1. On the topic of accuracy, the Washington Post published this Consumer Tech Review: “I checked Apple’s new privacy ‘nutrition labels.’  Many were false.” The reviewer pointed out numerous cases where the privacy labels allegedly misrepresented the data collection practices of the App (and tips on how to determine this).  He concluded that “Apple’s big privacy product is built on a shaky foundation: the honor system.  In tiny print on the detail page of each app label, Apple says, “This information has not been verified by Apple.””
  1. Of course, is it Apple’s obligation to verify the information?  By Apple requiring that the information be disclosed on its “privacy nutrition labels,” it is taking a first step.  Consumer protection laws and regulations exist to police with respect to misrepresentations.  Of course, the chief federal agency on privacy policy enforcement (the Federal Trade Commission) may soon be ruled by the Supreme Court to lack the ability to demand monetary relief (see our post on this here).  Thus, to the extent an App is profiting from its misrepresented “privacy nutrition labels” – and a goal of enforcement would be disgorge those ill-gotten gains – avenues of enforcement outside of the FTC may need to be explored.
  1. Does the fact that Apple’s privacy nutrition labels may be wrong mean they should be disregarded altogether?  While it may be tempting to consider this, I did a quick search on whether food nutrition labels are ever wrong.  This article reported that the law allows a margin of error of up to 20 percent for the stated value versus the actual value of nutrients.  Wow.  Of course, this is different than a cereal representing that it has no fat, and it turns out that it is loaded with fat (which may be more analogous to what some companies are doing by misrepresenting their privacy policies on their Apple “privacy nutrition labels”), but it is still informative.  And what is maybe more informative is the fact that, per the same article, a 2010 study in the Journal of Consumer Affairs purportedly reported that those who read nutrition labels (but did not exercise) were more likely to lose weight than those who did not read labels and did exercise—“[i]n other words, the awareness of a food’s (approximate) nutritional content and portion size does appear to influence eating behaviors in a beneficial way.”  I would imagine that the same may be true with respect to those who read “privacy nutrition labels.”  While they may not always be accurate, paying attention to them may influence your App downloading behaviors in a beneficial way (if you care about privacy).
  1. Now what about the name “privacy nutrition label”?  Is the word “nutrition” in there just as a reference to the FDA “Nutrition Facts,” or is there an implication hidden in there that certain privacy policies are more or less “healthy”?  Here are some definitions of “nutrition” to help you ponder this:
    • gov: “Nutrition is about eating a healthy and balanced diet.  Food and drink provide the energy and nutrients you need to be healthy.  Understanding these nutrition terms may make it easier for you to make better food choices.”
    • Wikipedia: “Nutrition is the science the interprets the nutrients and other substances in food in relation to maintenance, growth, reproduction, health and disease of an organism.  It includes ingestion, absorption, assimilation, biosynthesis, catabolism, and excretion.”
    • Merriam-webster.com: Nutrition is “the act or process of nourishing or being nourished, specifically: the sum of the processes by which an anima or plant takes in and utilizes food substances.”
    • World Health Organization: “Nutrition is a critical part of health and development.  Better nutrition is related to improved infant, child and maternal health, stronger immune systems, safer pregnancy and childbirth, lower risk of non-communicable diseases (such as diabetes and cardiovascular disease), and longevity.”
  1. Finally, what’s the future of these labels?  Will competitors start requiring similar “privacy nutrition labels”?  Will websites start offering them as a “graphic version” of their longer privacy policies?  Will they start to appear at brick-and-mortar establishments on small displays?  While there are risks associated with additional statements of one’s privacy policy (i.e., one more document to maintain, verify the accuracy of, etc.), there may be benefits as well as consumers start to pay more attention to companies’ privacy policies, and companies increasingly compete on privacy promises.

LEAVE A REPLY

Please enter your comment!
Please enter your name here