Apple’s Craig Federighi on App Store’s new privacy labels: we want competitors to copy us

Apple today has finally launched its long-awaited privacy labels for apps distributed across its App Stores. The company first unveiled the privacy labels back at WWDC in June and designed the feature as a sort of “nutrition label” for apps by identifying the privacy characteristics each app has. The idea behind the labels is that they provide transparency in an easy-to-digest format, which allows users to quickly see how a specific app handles their data before they download it.

As with many of the steps Apple has taken recently to improve user privacy protections, Apple’s new app privacy labels haven’t been without controversy. Apple required all developers to self-report their privacy practices for the new labeling by December 8. While most did so without a hitch or complaint, a day later Facebook’s WhatsApp publicly criticized Apple’s app privacy label initiative as being overly broad and also fearing it would not apply to Apple’s first-party apps pre-installed on the iPhone, which are not listed in the App Store itself. That fear was nullified later that same day when Apple clarified that both all its own apps on the App Store and the apps pre-installed on the iPhone would also be required to abide by the new privacy label policy.

Here are the full details of Apple’s App Store privacy labels launching today:

The labels are a requirement for any app listed on any App Store operated by Apple. This includes the iOS App Store as well as the app stores for iPadOS, macOS, watchOS, and tvOS.
Apple’s own apps are required to abide by the App Store privacy labeling policy, too. All the Apple apps that are distributed in the company’s App Stores will display privacy labels in the App Store listings, and any apps that come preinstalled on Apple devices that are not available in the App Stores will feature identical privacy labels published on Apple’s website.
App labels are generated from data app developers self-report. Developers can update their app’s privacy labels at any time without needing to submit a new build of their app to the App Stores. This means that if a developer’s back-end privacy policy changes, they can (and are required to) quickly and easily update their app’s privacy label in the App Store.
App Store privacy labels are divided into three categories: “data used to track you,” “data linked to you,” and “data not linked to you.”
“Data used to track you” refers to the linking of user or device data from an app with device or user data acquired from other apps, websites, or advertising profiles. Also included in this category is whether an app shares device or user data with data brokers.
“Data linked to you” refers to data that is tied to your specific identity, like your name, age, gender, etc. An app would have this data if you supplied it as part of your user account info when creating a profile with an app. Apps will also have this type of data if the app collects specific information about you. For example, an app like Facebook would have “data linked to you” such as your birthday or previous work history–anything you told Facebook about yourself, in other words. Another example of such data: any apps that track your weight or other health metrics you provide it.
“Data not linked to you” includes things like diagnostic data an app collects.
The privacy labels are for transparency purposes only. They do not nullify existing privacy controls built into Apple’s operating systems already. For example, an app’s privacy labels may reveal the app uses your location data, but the user still has the power to limit that app’s ability to access their location data by using the built-in location privacy controls in iOS.

I spoke with Craig Federighi, Apple’s senior vice president of software engineering, in advance of the rollout. He told me that the labels are “the start of something really ambitious.” Federighi said that Apple transparency efforts are critical in a world where more of our personal data is collected than ever before, and the new labeling is something Apple will iterate on and perfect as time goes on. The ultimate raison d’être for the privacy labels is to help users be better informed about how their data is being used—and Apple thinks the new labels are going to be something users really come to appreciate when deciding which apps to download.

But unlike most of Apple’s innovations, Federighi says he hopes Apple’s competitors and other in the industry will blatantly copy this one. “The work we’re doing here we view in the context of providing leadership to the industry, raising users’ expectations of what they should expect and demand in privacy, ” Federighi told me when I asked if he’d like to see the Google Play store roll out similar labeling. “And we absolutely expect that others in the industry will respond to the heightened expectations and demands of customers and improve privacy—and we think that’s great.

“This is one category where if they want to copy some of our best ideas toward improving user privacy—we embrace that,” he added.