Detecting the Inconsistency between Android Apps’ Data Collection and Google Play’s Data Safety Using Static Analysis

In the rapidly evolving landscape of Android mobile apps, ensuring user data privacy remains paramount. Google introduced a Data Safety section on the app listing page to display privacy and security practices in a short format. Thereby enabling users to make informed decisions regarding the app’s download and usage. Google left the responsibility of providing accurate and complete information on the Data Safety section to the developers. This makes the credibility of the Data Safety section questionable. A static analysis approach has been proposed to verify the consistency between the Android app’s source code and its Data Safety section to ensure that the app behaves as its Data Safety section promises. By analyzing 4980 apps, a significant 67.7% of the apps were found to have inconsistencies, indicating potential misrepresentation of data collection practices. This research highlights the need for rigorous verification of Data Safety information to enhance user trust and privacy.