EU GDPR coincides with huge drop in Android apps • The Register

According to a study published on Monday, the European data protection regime has reduced the number of applications available on Google Play by “a third”, increasing costs and reducing the income of developers.

And with higher costs, fewer apps are created, to the detriment of consumers and the mobile app economy, he argues.

“At the start of our sampling period in July 2016, our data on the Google Play Store had 2.1 million apps, while AppBrain reported 2.2 million.26 The number of Play Store apps in our sample then drops to 2.8 million in the fourth quarter of 2017, and then drops to almost a million – around 32% – at the end of 2018. Apps available in AppBrain saw a similar decline, of 31% between the beginning of 2018 and end of 2018

In an article entitled “GDPR and the Lost Generation of Innovative Apps”, economics researchers Rebecca Janßen (ZEW Mannheim, Germany), Reinhold Kesler (University of Zurich, Switzerland), Michael Kummer (University of East Anglia, UK ) and Joel Waldfogel (University of Minnesota, USA) examined the impact of the European General Data Protection Regulation (GDPR) on the mobile application industry.

The paper, distributed through the US-based National Bureau of Economic Research, concludes that “whatever the privacy benefits of GDPR, it appears to have come with substantial costs for consumers from a reduced set of choices, and for producers from lower incomes”. and increased costs.”

Researchers examined 4.1 million apps available through Google Play between July 2016 and October 2019. Currently, Google Play has around 3.48 million apps, up from around 2.2 million in 2016. GDPR has been approved shortly before the investigation period, on April 27, 2016. but was not enacted until May 25, 2018.

App revenue can be generated through in-app purchases, in-app purchases, or in-app advertisements. Together, according to the document, the two largest mobile application platforms (Apple and Google) increased their total revenues from $43.6 billion in 2016 to $83.6 billion in 2019, two-thirds of which went to Apple.

Mobile ad revenue on the two platforms grew from $80.7 billion in 2016 to $189.2 billion in 2019, of which researchers say Google captured around $42.8 billion in 2016, rising to $95.9 billion in 2019. Mobile ad revenue during this period accounted for just over two-thirds of the app’s total revenue.

Under the GDPR, app developers face the cost of complying with rules that require consent for data collection, transparent data processing, purpose limitation, accuracy, limited retention, privacy and responsibility.

The research paper, which has been presented at various business conferences and will be submitted for publication in a journal, finds that the Android app market has been transformed by the GDPR. The number of Android apps fell by about a third in the quarters following the law’s implementation, according to the newspaper. And under GDPR, fewer new apps were created – new app entries fell by 47.2% – and usage of remaining ones fell by 45.3%.

In addition, the average number of users per app has increased by around 25% – users have migrated to quality apps – and apps have become “a little less intrusive after GDPR”, although it was already a pre-existing trend.

Cause and effect?

Dr. Lukasz Olejnik, researcher and independent privacy consultant, said The register in an email, he applauded the researchers for undertaking a delicate and complex study, but questioned whether the reported impact could really be causally linked to the GDPR.

“The authors are apparently unaware or unaware of the fact that before the GDPR, data protection laws also existed in Europe,” Olejnik said. “For example, when I read the following in the article: ‘Under GDPR, developers must obtain user consent to continue processing user data…’, I couldn’t Help me to think that this sentence was entirely true also before the GDPR.

The authors are apparently unaware or unaware of the fact that before the GDPR, data protection laws existed in Europe

“Data processors had to have an appropriate legal basis to process the data, one of them being consent. So what is the impact reported in the document? Non-compliance and privacy breaches before the GDPR?”

Olejnik said it’s important to recognize that privacy matters not just morally and ethically, but economically.

“The EU competition investigation process already recognizes this, by including privacy as an integral parameter of the welfare analysis – meaning that privacy is not just a valid concern ( it is a constitutional right in the European Union), but that it can be reconciled with economics and competition aspects,” Olejnik said. “This year, the European Commission will update more a dozen European competition laws, and I expect these updates to reflect the importance of privacy.”

Schrems speaks out

Max Schrems, honorary chairman of the noyb and lawyer/activist behind the Schrems I and Schrems II cases, said The register that although he cannot comment on the specifics of the article, he has seen a lot of backlash against GDPR.

“If GDPR was the big killer, we’d see tons of apps or websites that aren’t available in the EU, but are available in the US,” he said. “It’s actually a trend, but only in very specific cases (like US local media that have next to no EU readership and therefore simply don’t care to care about GDPR).”

Schrems suggested that there are various other factors to consider that don’t seem to be considered, such as periodic app store purges. He also asked why a side-by-side comparison with US and European applications had not been attempted.

“Some ‘flashlight apps’ may be gone by now, but I don’t know if anyone is missing them,” he said. “I guess people have more demands for good quality apps, and those apps usually don’t do terrible things with your data, so they don’t need to adapt to GDPR. So instead of counting the number of apps, it would probably be more important to see if any quality or relevant apps have disappeared.”

“In summary, we haven’t come across any relevant apps taken out of the EU because of GDPR in the last three years we’ve worked on,” Schrems said. “We haven’t received any emails or comments to that effect either (and we get complaints about everything). So personally I have my doubts if it’s really a ‘thing’ …”

In a telephone interview, co-author Michael Kummer, a senior lecturer at the University of East Anglia in the UK, said: “We recognize the use and potential value of data and privacy regulation users in the digital sphere, but it looks like GDPR – for all the value it could have generated – has come at a very high cost for innovation in the app market.”

Kummer said the one-third drop sounds scary, but the document points out that those apps only accounted for 3% of app usage. “These applications are, in large part, like Max [Schrems] suspicious, unnecessary,” he said. “That’s not the problem. … The problem is that entering the app market has become much less attractive. And we’re seeing a much lower number of new apps being created.”

Kummer pointed out that what he and his colleagues had calculated was the long-term market equilibrium. “If this continues in the long term, and if the EU or the app market does not find a solution to this problem, then seven to ten years later the app market will be a third less valuable,” said he explained. .

Responding to Olejnik’s suggestion that researchers may have forgotten that other privacy regulations predate GDPR, Kummer, who is Austrian, said he and two of his co-authors were native speakers. German and the fourth also spoke German, and all are familiar with European privacy laws.

“Our main argument is that compliance with the law involves costs for a developer who has not respected [GDPR and related data protection] principles before the regulations come into force,” he said.

Kummer said he hopes the document will encourage regulators to examine what the laws actually do and make adjustments if necessary.

“It is extremely difficult to assess the causal effect of these laws,” he said, noting that there is no equivalent to a pharmaceutical industry controlled trial when it comes to regulating the drug. market.

“We publish these policies and we don’t actually design any randomized controlled trials or any sort of methodological approach to how to assess what the new regulations do to businesses in the marketplace. That’s the missing piece here.” ®

About Matthew Berkey

Check Also

Finding the right partners is key to protecting our oceans

Sustainability has been part of my life for as long as I can remember. In …