Europe's GDPR coincides with huge drop in Android apps

The European data protection regime has reduced the number of applications available on Google Play by "a third", increased costs and reduced developer revenue, according to a study published on Monday.

At higher costs, fewer applications are created at the expense of the consumer's mobile application economy, he argues.

"At the beginning of our sample period in July 2016, our data contained 2.1 million applications in the Google Play Store, while AppBrain reported 2.2 million. In 2017, and then at the end of 2018, it increased by almost one million decreased, about 32% The number of applications available on AppBrain also decreased by 31% from the beginning of 2018 to the end of 2018.

In the article entitled "The Lost Generation of GDPR and Innovative Applications", economists Rebecca Jansen (ZEW, Mannheim, Germany), Reinhold Kessler (University of Zurich, Switzerland), Michael Kummer (University of England, Ardelj, Great Britain, United Kingdom United)) studied the impact of the European General Data Protection Regulation ( RGPD ) on the business of mobile applications.

The document, published by the U.S. National Bureau of Economic Research, states: “Whatever the benefits of privacy protection under the GDPR, it entails significant costs for consumers due to limited choices and for producers due to low incomes increased. cost.

Between July 2016 and October 2019, researchers surveyed 4.1 million apps on Google Play. There are currently about 3.48 million apps on Google Play, up from 2.2 million in 2016. GDPR passed immediately before the survey, on April 27, 2016. but was accepted until May 25, 2018.

Program revenue can be generated through in-app purchases, in-app purchases or in-app ads. Together, the document says, the two largest mobile application platforms (Apple and Google) increased their total revenue from $ 43.6 billion in 2016 to $ 83.6 billion in 2019, which is two-thirds of that amount, which is similar to Apple.

Mobile advertising revenue on both platforms rose from $ 80.7 billion in 2016 to $ 189.2 billion in 2019, of which researchers say Google earned about $ 42.8 billion in 2016, reaching $ 95.9 billion in 2019, one-third of total app revenue.

Under GDPR, application developers incur compliance costs that require permission for data collection, transparent data processing, purpose limitation, accuracy, limited storage, confidentiality and liability.

The study, which was presented at various economic forums and will be published in a journal, says that the Android application market has been transformed by the GDPR. According to the newspaper, the number of Android applications dropped by about a third in the quarter after the law went into effect. And under GDPR, fewer new applications were created. The number of new applications decreased by 47.2% and the use of the rest, by 45.3%.

In addition, the average number of users of an application increased by 25%. Users have switched to quality applications and applications have become "a little less intrusive to the GDPR" as if it were an existing trend.

The reason for the investigation.

Dr. Lukasz Oleinik, an independent research and privacy consultant, said in an email to The Register that he welcomed the researchers for conducting the complex study, but questioned whether the reported impact could be causally related to GDPR:

"The authors are probably unaware or unaware of the fact that data protection laws also existed before the GDPR in Europe," Oleinik said. "For example, when I read the following in the document:" Under GDPR, developers must obtain permission from the user to continue processing user data ... ", I could not help thinking that this statement was completely correct before GDPR not ...

The authors seem unaware or unaware of the fact that data protection laws existed before the GDPR in Europe.

"Data processors need to have a proper legal basis for data processing, one of which is consent. So what does the impact of the newspaper really show? Non-compliance and Pre-GDPR privacy violations.

Oleinik said one can realize that secrecy is possible not only from a moral and ethical point of view, but also from an economic point of view.

In the EU, the competition investigation process already accepts this, including privacy as an integral part of welfare analysis, which means that privacy is not only a key issue (it is a constitutional right in the European Union), but it can with the economy to be reconciled. . "Competition aspects," Oleinik said. "The European Commission will update more than a dozen EU competition laws this year. I hope these updates reflect the importance of confidentiality."

Shrems says

Max Schrems, a lawyer / activist with the honorary chairman of noyb և Schrems I և Schrems II, told The Register he could not comment on the details of the document as he had found numerous complaints against the GDPR. :

"If GDPR were a major killer, we would see a lot of applications or websites that are not available in the EU, but are available in the US," he said. "This is really a trend, but only in very specific cases (like local US media, which have virtually no EU readership, so they just do not care about GDPR).

Schrems suggested that there are several other factors that apparently are not taken into account, such as frequent clean-ups of application stores. He also asked why the US and EU applications are not compared side by side.

"Some 'flashlight apps' may not be available, but I'm not sure anyone will notice," he said. "I think people have more demand for good quality applications, those applications generally do not do terrible things with their data, so they do not have to comply with GDPR. So instead of counting the number of applications, it goes probably more important to see if the quality or the relevant applications are gone. "

"Finally, we have not found any relevant attachments that have been withdrawn from the EU due to GDPR in the last three years, we have been working on that," Schrems said. We also did not receive any letter or response in this regard (we receive complaints about everything). So I personally doubt if this is really a "thing" ...

In a telephone interview, co-author Michael Kummer, a professor at the University of England in the UK, said: "We recognize the potential value of data regulation, the use of user privacy, in the digital realm, but it's like GDPR, despite the value it can create, it is a very high value for innovation in the application market. "

Kummer says the one-third drop sounds awful, but the document notes that these applications make up only 3 percent of application usage. "These applications, Max [Schrems] suspects, are mostly useless," he said. "The problem is not that: the problem is that entry into the application market has become much less attractive. And we are seeing far fewer new applications."

• Europe circulates on YouTube to improve cookie deal brochures
• Google will pay a fine of 150 million euros to the French antitrust body
• Google seeks a sovereign market with the product EU Workspace Data
• The first step to privacy is to acknowledge that you have an issue, Google.

Kummer stressed that what he and his colleagues had hoped for was long-term market equilibrium. "If it continues in the long run, if the EU or the application market does not find a solution to this problem, the application market will become a third less valuable in seven or ten years," he explained. .

In response to Olenik's suggestion that researchers could ignore other privacy rules before GDPR, Kummer, who is Austrian, said he and two of his co-authors are indigenous Germans and a fourth German is fluent. և Everyone is familiar with European privacy laws.

"Our main argument is that compliance with the law imposes costs on the programmer who did not follow [GDPR] data protection principles until the regulation came into force," he said.

Kummer hopes the document will encourage regulators to examine what laws they are actually making and make adjustments as needed.

"It is very difficult to determine the causal impact that these laws really have," he said, noting that there is no equivalent to a market-controlled market regulation test.

"We publish these policies, we do not actually develop any randomized controlled trials or methodological approaches to determine what the new regulation does for companies in the market. That is what is missing here." ®: