Companies want to know everything about you. Don't be flattered. Data detailing your online habits can net corporations millions of dollars in ad revenue. In a worst-case scenario that happens all too often, companies can even gift your personal data to criminals in a data breach. According to experts, some apps on your mobile device may be the worst data collection offenders. We'll tell you how to parse an app's privacy policy and data collection reports for keywords that signal a company's intentions when collecting, storing, and using your private information.

A Privacy Policy Cheat Sheet

It should be easy to tell what kinds of information companies collect by reading the app’s privacy policy. Unfortunately, the reality isn't so straightforward. "I'm very hesitant to tell consumers to read privacy policies,” remarked Jen Caltrider, the project lead for Mozilla's Privacy Not Included team. "I read privacy policies for a living; they're mind-numbing. People that don't read them for a living don't really stand a chance." You can watch our conversation about maintaining privacy while using mobile apps above.

Caltrider offered a couple of suggestions for saving time when perusing privacy policies:

• Skip ahead to the data collection policy. Each privacy policy has a section that details what kinds of data the app collects. Most privacy policies also include details about the company’s policies regarding sharing data with third parties. Look out for apps that collect lots of personal data from you and are unclear about how they use your data. Avoid apps that don’t let you opt out of sharing data with third parties.
• Search for keywords. Open the privacy policy document in a browser and use Ctrl-F to open a search window. Scan the document for keywords related to how your data is being collected and used. I suggest starting your search with the words “sale,” “sell,” and “collect.” 

Privacy Labels Aren't Always Correct

In 2023, Caltrider and her team published a fact-checking report scrutinizing the Google-mandated data privacy labels on the top 20 free and paid Android apps. As PCMag’s Rob Pegoraro noted in his article on the report, 10 of the top 20 paid apps earned a Poor rating, which means Mozilla’s researchers found significant differences between the self-reported data collection practices on the safety label and the developer’s stated collection practices in its privacy policy.

This means that the data safety label information reported to Google may not match the information in the privacy policy. How can you trust that either of these self-reported data-collection statements is accurate? You can't. Instead, it's up to you, the consumer, to protect yourself by viewing the data collection permissions the app requests from your device and determining whether you are comfortable with giving up that information.

Recommended by Our Editors

Meta's AI Chatbot Allegedly Helped Hackers Hijack Instagram Accounts

Craigslist Founder Teams Up With a Muppet to Persuade People to Stop Clicking on Scams

This AI Kidnapping Scam Is Every Parent's Worst Nightmare

How to Dodge Data Collection

I asked Caltrider to tell me how to spot the most data-hungry apps. I've organized her methods into a checklist before downloading new apps. 

This list may seem like a chore, and it is! You shouldn't have to do this to keep companies from taking your personal information and selling it or using it for their own purposes. Whether through effective federal legislation or independent oversight, companies should be taken to task for not accurately stating their data collection practices. Until that occurs, here are Jen Caltrider's methods for dodging app data collection efforts:

1. Check the privacy details before downloading new apps. Android users should open the app’s page in the Google Play store and expand the section called About this app. Tap the App Permissions link for a detailed view of what other apps or services the app will access on your device.

(Credit: Google/Kim Key)

If you're using an iPad or iPhone, scroll down to the section labeled App Privacy when viewing the app’s page in the App Store, and tap on the sections labeled Data Linked to You and Data Not Linked to You. You can tap each section to get more information about the access the app will request when collecting data on your device.

(Credit: Apple/Kim Key)

1. Check your phone’s permissions for installed apps. As mentioned above, the data collection reported on app storefronts may not be totally accurate. That's why we recommend checking your phone’s app permissions every month to see if some apps collect excessive data. On Android, you can see app permissions by visiting the Settings menu and navigating to Security and Privacy>Privacy>Permission Manager. On an iOS device, access your phone’s app privacy reports by visiting the Privacy & Security section of Settings.
2. Delete unused apps from your device. “You bought your house? Delete that realtor app. You're looking for the love of your life? You got your dating apps, you found them. Great, delete those apps. Get them off your phone as fast as you can,” Caltrider said. She went on to mention that using the browser version instead of an app for social media provides a similar experience but with added privacy.  

Stop Data Collection at the Source

The next time you download an app from the App Store or Google Play, remember this list and consider the time it takes to complete it. Again, I don't believe it should be necessary to access most mobile applications without giving up valuable personal data, but it’s our current reality.

Make tech companies stop collecting your data by shutting off their source of information. Uninstall those invasive apps. Use the web version of popular applications, or don't use them. You have the power to enact change, even if it is small. You also deserve the right to privacy—take some of it back.