20k+ apps in the Health and Fitness category and 60k+ likely child-directed apps have no detected privacy policy
Pixalate, the global market-leading fraud protection, privacy, and compliance analytics platform for Connected TV (CTV) and Mobile Advertising, today released its App Store Safety Report for Q1 2022, analyzing apps with no detected privacy policy across the Apple App and Google Play stores.
Pixalate found there are more than 787k “no-privacy policy” apps, ~17% of the Google Play store and ~13% of the Apple App store. Both Google Play Store & Apple’s App Store policies require a developer to have a privacy policy, indicating these apps are likely in violation of the stores’ policies and therefore carry an increased risk to consumers’ & children’s privacy.
Children’s privacy in the U.S. is protected under COPPA rule, requiring apps directed to children to have a privacy policy. Surprisingly, Pixalate found 7% of likely child-directed apps globally don’t have a detected privacy policy. This poses critical risk to children’s online privacy and a potential violation of the COPPA rule.
Even with greater scrutiny being directed towards the privacy of consumer healthcare information, Pixalate still found 13% of Health & Fitness apps have no detected privacy policy in the Google Play store, while that drops to 7% in the Apple App store.
Key Findings
Globally, across the Apple App and Google Play stores, Pixalate found:
- 98% of apps with no detected privacy policy also have no terms of service.
- 3% of apps with undetected privacy policies are in the Health & Fitness category.
- 7% of apps with undetected privacy policies are likely child-directed, according to Pixalate’s COPPA assessment.
- 100k+ Apple apps with no detected privacy policy access end-user personal information; 80k+ Google Play apps with no detected privacy policy access that same data.
- 17k+ no-privacy policy apps are transmitting end user IP information in the advertising bid stream (12k Google, 5k Apple).
- 11k+ no-privacy policy apps share end-user location.
In the U.S. as of the end of Q1 2022, Pixalate discovered that:
- 26k+ U.S.-registered apps have no detected privacy policy.
- 6k+ access end-user personal information.
- 95% of apps with no detected privacy policy have no terms of service.
Apps with no privacy policy are in potential violation of the European Union’s General Data Protection Regulation (GDPR), which requires businesses to disclose their policies on user data collection and usage.
Across the EU, Pixalate found as of the end of Q1 2022:
- 4.8k apps with France as their registered country of origin had no privacy policy.
- Two of the top five countries with the largest percentage of no-privacy policy apps that share end-user information were EU member countries (Spain, Italy).
- 18%+ of apps registered in Russia have no detected privacy policy, according to Pixalate’s data.
Tune in to Martech Cube Podcast for visionary Martech Trends, Martech News, and quick updates by business experts and leaders!