Your iOS VPN app may not be as secure as you think

New privacy labels disclosure rules offer lots of wriggle room, analysts say

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A new analysis of the top twentyVPNapps in the US, UK, Australian, and Canadian iOS App Store editions has revealed that only a mere 12% display accurate privacy labels.

Applerecentlyintroduced privacy labelsfor its App Store, much like the nutritional labels on packaged food, to give users an insight into the apps’ data collection practices and help users make informed decisions.

According to Apple’s plan, apps that collect personal data are required to self-submit information which the company then uses to award any combination of three labels that tell users whether the collected data is linked to the user or not, and whether it can be used to track them.

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

Click here to start the survey in a new window«

Since these labels are based on self-submitted information,Top10VPNdecided to investigate their accuracy formobile VPN apps.

Discouraging results

The analysts identified forty nine unique apps that appear in the top twentyiPhone VPNapps displayed in each of the US, UK, Canada and Australia Apple App Stores.

Of these, only six of the apps displayed privacy labels that adhered to Apple’s guidelines.

Meanwhile, over thirty of the apps had inaccurate privacy labels, while nineteen had two or more incorrect labels. Nine apps had no labels at all since they haven’t submitted any details to Apple.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The US version of the App Store was the biggest offender, with nineteen of its top twenty VPN apps bearing inaccurate privacy labels.

The analysis also revealed that fourteen apps failed to disclose that they were collecting the IP address of their users.

Wriggle room

“Our investigation not only revealed the disturbing proportion of apps with inaccurate or missing privacy labels but also highlighted further flaws in Apple’s system even beyond the fundamental problem posed by self-certification,” the investigators write in their report.

One of the problems they highlight is the fact that the labels are mandatory only for listed apps that send in a new update. This means many apps continue to be listed without labels since their developers haven’t updated them.

The analysts also argue thatApple’s rules around “optional non-disclosure”of data collection in certain circumstances, offers developers a wide berth to avoid disclosure.

If the investigation byTop10VPNis anything to go by, Apple’s intentions with the privacy labels has been pretty much nullified.

ViaTop10VPN

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Is it still worth using Proton VPN Free?

Mozambique VPN usage soars as internet restrictions continue

Another reason to avoid edge-lit 4K TVs: they may fail faster than others, according to this report