Google cracks down on murky data usage policies from app developers

The Google Play Store application as shown on a smartphone display
(Image credit: Shutterstock)

Google has given Android developers a two-month deadline for complying with its latest Play Store data transparency rules, which require all apps to include details on how user data will be processed.

The new rules aim to improve users’ confidence when downloading apps from the Play Store, offering better detail about what each app’s data collection practices involve.

“We heard from users and app developers that displaying the data an app collects, without additional context, is not enough,” said Suzanne Frey, VP of product at Android Security and Privacy, in a blog post.

“Users want to know for what purpose their data is being collected and whether the developer is sharing user data with third parties. In addition, users want to understand how app developers are securing user data after an app is downloaded.”

Developers will have to complete a new section that lives on the app’s info page by 20 July, and include app information such as:

  • If the developer is collecting data, and if so, for what purpose
  • If the developer is sharing data with third parties
  • Details of the app’s security measures, such as any elements of data encryption
  • Whether the app’s security measures are validated against an industry standard, such as MASVS
  • Whether the app complies with Google Play’s Families Policy
RELATED RESOURCE

The state of brand protection 2021

A new front opens up in the war for brand safety

FREE DOWNLOAD

The details developers will need to provide fall broadly under the categories of data collection, data sharing, and cyber security.

Other disclosures will also need to be made such as how the developer plans to deal with account information if they use that information in other areas of the app such as fraud prevention, for example.

The only developers that will be excluded from the deadline will be those who develop system services - apps that are pre-installed on some devices and cannot be uninstalled.

When visiting an app’s Play Store page, users can navigate to the app’s details and discover more details about the app’s privacy and security provisions, alongside the pre-existing safety details and miscellaneous app information.

“Apps should help users explore the world, connect with loved ones, do work, learn something new, and more without compromising user safety,” said Frey. “The new Data safety section, in addition to Google Play’s existing safety features, gives people the visibility and control they need to enjoy their apps.”

Connor Jones
News and Analysis Editor

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.