Snap! Apple’s App Tracking Transparency Framework Has Loopholes

Apple’s App Tracking Transparency (ATT) platform, is supposed to protect users’ privacy by restricting data gathering. It has several flaws, allowing app developers to track users.  The framework, which Apple announced late last year, has serious flaws, according to an independent assessment. The report also explains how the Apple App Store’s Privacy Nutrition Labels. It was introduced last year, may not be accurate for all programs, and may be deceptive in other circumstances.

The team of researchers examined over 1,700 iOS applications to evaluate the extent and efficiency of the App Tracking Transparency framework. Moreover, the team includes an independent researcher and four computer science specialists from the University of Oxford. This privacy feature is making delay after its first introduction owing to implementation issues. But, it finally rolls out to Apple users in December. While Apple’s move to require app developers to make monitoring an opt-in feature makes it more difficult for individual users to reject. The researchers found that large-scale companies may still track individuals without their knowledge.

Also Read: OnePlus 10R 5G Teased The Most Interesting Specifications

Loopholes, bypasses, and outright violations

According to a research report published last week, while ATT works as intended in many areas, gaps in the framework allow firms, particularly huge ones like Google and Facebook, to go around the safeguards and store even more data. Despite Apple’s promise of greater openness, the report warns that ATT may offer many users a false feeling of security.

“Overall, our findings imply that, while Apple’s modifications make it more difficult to track individual users. They also encourage a counter-movement and enhance the market dominance of gatekeeper companies. Along with access to enormous troves of first-party data,” the researchers concluded. “Making the privacy features of applications public through large-scale analysis remains a tough objective for independent researchers and a fundamental impediment to real, responsible, and verifiable privacy measures,” says the report.

Also Read: Most Awaited OnePlus Nord Smartphone Launched in North America

The researchers also discovered nine iOS applications that employed server-side code to produce a mutual user identity. The applications that Alibaba’s subsidiary may use to monitor users across apps. The researchers noted that providing device information for fingerprinting would be against Apple’s regulations. It prohibits developers from ‘deriving data from a device for the aim of uniquely identifying it.’

According to the researchers, Nobody is forcing Apple to follow the policy under any circumstances, allowing the company to add to its data collection stockpile. Apple also exempts tracking for “obtaining information on a consumer’s creditworthiness for the explicit purpose of making a credit assessment,” according to the report.

Also Read: Vivo Y33T and Vivo Y33s Price Drop in India: Details Here

Apple representatives declined to comment. An email submitted to Alibaba requesting comment did not receive a response right away.

More Details App Tracking Transparency Privacy Issue

The number of tracking libraries used in 1,685 applications launched before and after ATT went into force remained about the same. The most popular libraries remained unchanged, including Apple’s SKAdNetwork, Google Firebase Analytics, and Google Crashlytics. Despite the fact that nearly a quarter of the applications tested claimed they didn’t collect any user data, at least 80 percent of them had at least one tracker library.

Also Read: iPhone 15 likely To Have This Camera: Everything Here

Apps that claimed they didn’t collect user data on average had 1.8 tracking libraries and contacted 2.5 tracking companies, according to the study. More than half of the applications that used SKAdNetwork, Google Firebase Analytics, and Google Crashlytics failed to declare that they had access to user data. The Facebook SDK did marginally better, with a failure rate of around 47%.