Madskip / Pixabay
At least 80% of the most popular free VPN apps in Apple’s App Store are in breach of its new data-sharing guidelines, according to a new investigation carried out by VPN review service Top10VPN.com.
Despite introducing strict new rules for developers of VPN apps on June 3 that prohibit sharing data of any kind with third parties or face removal from the App Store, Apple appears to be failing to enforce them, as the offending apps remain available to download.
We reviewed the privacy policies of the top 20 free VPN apps to determine whether Apple was enforcing compliance with its updated guidelines and found 16 of them (80%) to be in apparent breach of the rules. A further app was also considered to be non-compliant due to a complete lack of substantive detail in its extremely thin privacy policy to back up claims of never sharing user data.
These 17 apps are being downloaded almost 6 million times every month even as they fail to comply with the new rules, which state, “Because VPN provides access to sensitive data, VPN apps may not sell, use, or disclose to third parties any data for any purpose, and must commit to this in their privacy policy.”
Data-sharing practices that appear to flout Apple’s new rules include:
– Providing advertisers with user location data to facilitate geo-targeted ads
– Sharing “non-personally identifiable visitor information” with third parties for “marketing, advertising, or other uses”
– Interests-based advertising by third-party ad partners
– Collection of users’ IP addresses by third parties for “marketing attribution purposes”
Despite our review overlooking reasonable data-sharing to comply with local laws, only three apps were compliant with Apple’s guidelines, which do not actually explicitly make allowances for sharing data with law enforcement.
Our study follows an earlier Top10VPN investigation into this important category of app that found nearly 60% of the most popular free VPNs were secretly Chinese-owned, despite China’s VPN ban and its notorious hostility to privacy, while 85% had substandard privacy policies.
Apple has yet to acknowledge any of the serious issues identified in that investigation, even after we formally notified them of the privacy and security risks posed by the VPN apps identified in our original findings of November last year..
Simon Migliano, Head of Research at Top10VPN.com, says:
“It’s definitely a step in the right direction for Apple to recognize the sensitivity of the VPN category of apps with the formal expectation of a higher standard of data privacy than with other apps.
“However unless Apple takes action to enforce these new rules and kick non-compliant apps from its App Store then it’s simply paying lip service to privacy. Apple also needs to take a strict line with developers whose policies are so lacking in detail that any claims to never share data with third parties should be disregarded as empty promises.
“I’ve been calling on Apple for months to treat VPN apps as a special case in terms of its review guidelines. While I am pleased that they have finally done so, they still need to set the bar much higher regarding the level of detail required in VPN privacy policies for logging and retention of session metadata. Some of the policies are so lacking it’s frankly unbelievable that Apple permits it.
“There is still much more to be done, however. Apple also needs to set minimum standards for corporate transparency and fitness to operate a VPN service. Too many of the top apps have questionable and opaque ownership and since Huawei has come under the microscope, so too should certain VPN service providers.“
Top10VPN.com is a leading VPN review service. It rates and reviews the best VPN services to help protect consumers’ privacy online. The company also raises awareness about important privacy and cybersecurity risks through its research and investigations.
If you would like to have your company featured in the Irish Tech News Business Showcase, get in contact with us at Simon@IrishTechNews.ie or on Twitter: @SimonCocking
Vault365, a leading provider of data protection services, has announced that it forecasts revenue growth…
CloudCIX, in conjunction with AlloComp, will host AI FORWARD > Supercomputing the Future, a one-day…
Munster Technological University (MTU) will host a major stakeholder workshop exploring the future of rural…
Pendulum Summit kicks off this Friday for the 12th year, founded by Irish International rugby…
Tyndall National Institute was awarded six projects from SEAI’s National Energy Research, Development & Demonstration…
ServiceNow the AI control tower for business reinvention, and OpenAI has announced an enhanced strategic…
Irish Tech News are Ireland’s No. 1 Online Tech Publication and often Ireland’s No.1 Tech Podcast too.
You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news
If you’d like to be featured in an upcoming Podcast email us at Simon@IrishTechNews.ie now to discuss.
Irish Tech News have a range of services available to help promote your business. Why not drop us a line at Info@IrishTechNews.ie now to find out more about how we can help you reach our audience.
You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.