- Only data shared directly with the app developer or contracted parties needs to be reported.
- Some categories that aren't vague are way too broad.
Mastodon reporting an empty list here is in fact very obviously wrong. When you log in to mastodon.social from the Mastodon app, you are sharing contact info (email address), identifiers, as well as usage data.
So at the very least you should conclude Threads is doing a better job of informing its users re: privacy than Mastodon gGmbH is.
Overall the App Store privacy labels are a terrible implementation of a potentially good idea. There is no way for a user to figure out how accurately a developer filled in that info, and there's no baseline of quality because nobody on the Apple side reviews or enforces this.
Large companies are in fact more prone to over-declaring here because that has ~ no cost except for pissing off privacy loonies (which you can never satisfy anyway) while covering your ass legally.