PriLabel: Toward Comprehensively Uncovering Omitted Disclosures in Privacy Labels of Android Apps on a Large Scale

Privacy labels on app stores like Google Play are supposed to give users a quick summary of what data apps collect, but many developers fail to accurately report their practices. Researchers created PriLabel, a tool that analyzes decompiled code (machine-readable instructions extracted from apps) to automatically detect when apps transmit sensitive data without disclosing it in their privacy labels. Testing on thousands of popular apps found that many failed to report data collection, including some that transmitted financial information like credit card numbers without proper labeling.