Ready for the EU Digital Services Act? How Decisions by Apple and by Google Impede App Privacy
25 Pages Posted: 31 Jan 2023 Last revised: 22 May 2023
Date Written: January 31, 2023
Abstract
Ample past research highlighted that privacy problems are widespread in mobile apps and can have disproportionate impacts on individuals. However, doing such research, especially that through automated methods, remains hard and an arms race with those who engage in invasive data practices. This paper analyses how decisions by Apple and Google, the makers of the two primary app ecosystems (iOS and Android), currently hold back (automated) app privacy research and thereby create previously undocumented systemic risks. We base our analysis on a thorough review of the academic literature and on many years of experience in working in the space. Such an analysis is timely and pertinent since the EU Digital Services Act (DSA) obliges Very Large Online Platforms to enable researchers to study systemic risks (Article 40) and to put in place reasonable, proportionate and effective mitigation measures (Article 35).
Keywords: app stores, Digital Services Act, privacy, data protection, online platforms, Apple, Google, iOS, Android, apps
Suggested Citation: Suggested Citation