The Transparency and Consent Framework (TCF), developed by the Interactive Advertising Bureau (IAB) Europe, provides a de facto standard for requesting, recording, and managing user consent from European end-users. Its goal is to help organizations comply with the General Data Protection Regulation (GDPR) and the ePrivacy Directive (ePD). This framework has previously been found to infringe European data protection law and has subsequently been regularly updated. Previous research on the TCF focused exclusively on web contexts, with no attention given to its implementation in mobile applications. No work has systematically studied the privacy implications of the TCF on Android apps. To address this gap, we investigate the prevalence of the TCF in popular Android apps from the Google Play Store, and assess whether these apps respect users’ consent banner choices. By scraping and downloading 4 482 of the most popular Google Play Store apps on an emulated Android device, we automatically determine which apps use the TCF, automatically interact with consent banners, and analyze the apps’ traffic in two different stages, passive (post choices) and active (during banner interaction and post choices). We found that 842 (18.8%) of the 4 482 downloadable apps in our dataset implemented the TCF. Among these apps, we were able to automatize interaction with consent banners of 576 (68.4%) apps, and we identified potential privacy violations within this subset. In 15 (2.6%) of these apps, users’ choices are stored only when consent is granted. Users who refuse consent are shown the consent banner again each time they launch the app. Network traffic analysis conducted during the passive stage reveals that 66.2% of the analyzed TCF-based apps share personal data, through the Android Advertising ID (AAID), in the absence of a lawful basis for processing. Furthermore, 55.3% of apps analyzed during the active stage share AAID before users interact with the apps’ consent banners, violating the prior consent requirement. These results suggest that the implementation of the TCF is prone to significant non-compliance practices, raising yet again serious concerns about its effectiveness in helping organizations adhere to regulatory requirements. We further expose concerns regarding Google as the dominant CMP in our dataset (82.54%), structurally accommodating potential legal violations.