A consolidated group of researchers, which included experts from the University of North Carolina, the University of Illinois, and IBM Research, studied 11,430 applications from the Google Play Store by carefully analyzing their privacy policies. For this, a special tool called PolicyLint was developed, which studied the language of documents.
It turned out that in 14.2% of cases (1618 applications) privacy policies contain logically conflicting statements regarding the collection of user data. So, in one section of the document it may be indicated that the application does not collect personal data of people, while in the subsequent sections it is stated that the application collects email addresses or names, which are also personal data.
Although the researchers were not able to determine whether the developers intend to draw up the documents in this way, analysts believe that this is done intentionally, in order to mislead users, if they even bother to spend time reading the agreements.
Experts were able to establish that 59 of the applications studied generally used online services to automatically create privacy policies, and conflicting statements were part of standard templates. However, the vast majority of privacy policies were unique and were unlikely to be the result of errors. Researchers emphasize that developers of such applications can attract regulatory attention and be punished in accordance with EU and US laws.