In April 2020, Apple rolled out the App Tracking Transparency (“ATT”) framework, prompting legal and development teams to identify apps that “track”, as defined by Apple, users or access the IDFA and implement the ATT framework accordingly. See here for the NT Analyzer blog post. Technically, if a consumer chooses to opt-out of tracking, the app should no longer “track” the user. However, a new study by a transparency-focused privacy software company confirms that some apps continue to transmit data to third parties despite users having opted-out of “tracking” under ATT. The study tested 10 popular apps and discovered that some continue to track even though those users have “ask[ed] app not to track” when presented with the ATT pop-up.
The study serves as a cautionary tale to businesses. Continuing to track users against the user’s consent could cause issues for companies, including potential reputational harm and enforcement actions as a result of misrepresentations regarding data practices. Indeed, companies that do not have a clear understanding of their apps’ data flows are especially vulnerable to the risk of violating privacy laws.
How can we help?
Through NT Analyzer, we work with clients on a daily basis to help identify and mitigate these problems to help them comply with their data privacy obligations. For example, NT Analyzer allows organizations to see all third parties and data associated with their mobile app or website, enabling them to manage data privacy risk by either entering into relevant agreements or removing the third parties from their mobile app or website.
Special thanks to law clerk Nicole Sakin for her assistance in the preparation of this content.