It seems this cannot be trusted. Meta’s Threads app has a rating of 7/10. See this graphic and explain how it got such a high rating.
Here you can read how the Privacy Score is calculated :
So if you do the calculation :
2 trackers = 7 points
36 permissions = 0 points
which gives a total of 7/10
In my opinion, though, not only the ‘number of trackers’ should be taken into account to calculate the score, but also the ‘type of tracker’ (Crash reporters, analytics, profiling, identification, ads, location), since some trackers are already more privacy-sensitive than others.
The problem is that so many apps, particularly from the likes of Google & Meta, have the data slurping baked in without the need of identifiable trackers. Permissions required for something benign tend to be abused. Many people coming to Murena will be non-technical and not know to make an adjustment to the score based on closed/open source. So I think that should be reflected in the final score. That is, Murena should publish their own adjusted score rather than the Exodus one.
Exodus is only detects the trackers/permissions, the privacy score is calculated by the App Lounge.
I was quite surprised to find no detected in-app trackers in Threads (via App Manager). Other than
com.android.billingclient.api.ProxyBillingActivity which is present in a lot of apps anyway.
Aurora Store shows two trackers: Facebook Login and Facebook Flippper. Powered by Exodus of course so no different than App Lounge.
So maybe its 7/10 rating is not so unbelievable.
Unless they are using some as-yet-unknown tracker libraries.
The graphic in the OP is indicative of nothing really. Nothing in it says that Threads accesses or does any of what is listed. I see lines with…
may be collected
may be used
information has not been verified
To be honest that can apply to most any app one installs, especially if one (unnecessarily) grants it all the permissions it can use.
On Mastodon everyone was going crazy when word was out that Meta would be getting into the Fediverse. Things got more alarmist when Meta met with some Mastodon people.
After that I tuned out. Then Threads debuted. Haven’t been back yet to see what’s happening.
Personally don’t see why one would use Threads unless still living in the FB/IG world.
Reading the OP I found it difficult to untangle the idea that Threads is reported as having only 2 trackers with my prejudices and assumptions that there was enormous potential loss of data within metaverse. The image reflected those assumptions.
I guess the thing is that the Meta users enter that space, then willingly sign away their privacy for the convenience of … (idk) … lots of things including … knowing what friends of friends are sharing.
In light of this, it certainly seems weird to me to think is that we would take “number of tackers” as a number to be used in a quotient to give a fully informed privacy rating.
That reminds me of Amazon apps like Music or Prime. No trackers but as someone once said the apps are the trackers. Meaning they can’t really be used without an account so once you’re logged in your info is all over the place. Either within that walled garden or with everyone they share data with.
Sometimes we forget there are user permissions that can be granted / revoked but also all those other permissions that are automatically granted. A permissions reporting tool gives a good idea.
Ever since LineageOS removed Privacy Guard there is/was less in-ROM control of some things. Some non-LOS ROMs had AppOps but not sure that’s still a thing nowadays. Sure there are root tools but an in-ROM tool would be really nice.
So, rhetorically, what would be the ideal thing for the App Lounge privacy rating to reflect?
- The privacy of the app before the user signs in
- The potential privacy of the app in the event the user abandons all caution.
Maybe something like the F-Droid anti-features text could be added to the app description. The point is to discourage the use of nosey apps (e.g. anything from Meta) and the privacy score as currently determined won’t succeed in that for the average uninformed user.