Google Play could now let apps lie about the data they collect

A photo illustration of Facebook, Amazon, Youtube, Google, Apple Store app logos hovering in front of a series of ones and zeros.

Drawing: LIONEL BONAVENTURE/AFP (Getty Images)

Updated: 7/21/22: Google Android Developers Twitter Account announcement On Thursday, they decided to reinstate the app permissions section in Google Play.

In a separate tweet, Google said the data security section provides users with a “simplified view” of what user data apps collect. They added that they would continue to accept feedback on these features.

Original story:

Google is giving up on App Store data privacy. Seemingly thinking that only the app developers themselves really know all of the information they siphon from their users, the platform now relies solely on those same developers not to lie about how they all use those data. good luck with that.

Google Play Store will now require all apps to include a data security listing on their app page to show what types of data are collected from their users by July 20. At the same time, the App Store disabled previous features that allowed users to watch app permissions.

Although often vague, these permissions gave users an idea from Google itself which parts of the phone apps had access.

This means that Google effectively leaves it up to app developers themselves to decide what they include in their safe lists, also leaving room for app developers to potentially lie to its users. The app permissions feature was often convoluted, but at least the information came from Google itself, rather than app developers.

We contacted Google and a representative told us they would have more information later today. We will update when we hear from them.

Apple has long had a similar feature for its App Store, which makes Google’s decision to remove publicly disclosed permissions odd, given how long they’ve been touting this update. In 2021, Google announcement that developers would need to detail an app’s security practices as well as whether the app’s security section has been verified by an independent third party and whether users can delete information after uninstalling it.

Google presents a 2021 beta version of the data supposed to be included on different pages of the App Store.
GIF: Google

But only a few months later, Google amended its original announcement. They removed the application verification requirement and also set a deadline for the first quarter of this year. The company said that app developers who don’t provide a security section before the deadline “could” have rejected additional apps or updates. The bar set for app developers is unclear. Of course, the developers have until Wednesday to add those details, but if the apps that listed their data are anything to go by, the developers really don’t need to include many details.

The Telegram The app’s data security page is very unspecific. Why does it collect your personal information? Oh, just “app functionality”. TikTok, which has been raked over the embers by lawmakers over allegations that he was letting the Chinese government accesses US user datacomplaints about his data security page that it does not share any data with third parties. But it automatically captures user IDs for “analytics, advertising or marketing, security” etc., which is still vague and nonsensical for the average user.

How would Telegram say it is using your location or <a class=personal data? “Fonctionnalité de l’application.”” srcset=”,f_auto,fl_progressive,g_center,h_80,pg_1,q_80,w_80/4dfbb5e6609567a98ef3213969f707a3.png 80w,,f_auto,g_center,pg_1,q_60,w_140/4dfbb5e6609567a98ef3213969f707a3.png 140w,,f_auto,g_center,pg_1,q_60,w_265/4dfbb5e6609567a98ef3213969f707a3.png 265w,,f_auto,g_center,pg_1,q_60,w_340/4dfbb5e6609567a98ef3213969f707a3.png 340w,,f_auto,g_center,pg_1,q_60,w_490/4dfbb5e6609567a98ef3213969f707a3.png 490w,,f_auto,g_center,pg_1,q_60,w_645/4dfbb5e6609567a98ef3213969f707a3.png 645w,,f_auto,g_center,pg_1,q_60,w_740/4dfbb5e6609567a98ef3213969f707a3.png 740w,,f_auto,g_center,pg_1,q_60,w_965/4dfbb5e6609567a98ef3213969f707a3.png 965w,,f_auto,g_center,pg_1,q_60,w_1165/4dfbb5e6609567a98ef3213969f707a3.png 1165w,,f_auto,g_center,pg_1,q_60,w_1315/4dfbb5e6609567a98ef3213969f707a3.png 1315w,,f_auto,g_center,pg_1,q_60,w_1465/4dfbb5e6609567a98ef3213969f707a3.png 1465w,,f_auto,g_center,pg_1,q_60,w_1600/4dfbb5e6609567a98ef3213969f707a3.png 1600w” sizes=” (max-width: 25em) calc(100vw – 32px), (max-width: 37.31em) calc(100vw – 32px), 636px ” draggable=”auto” data-chomp-id=”4dfbb5e6609567a98ef3213969f707a3″ data-format=”png” data-alt=”How would Telegram say it is using your location or personal data? “App functionality.” data-anim-src=””/>

How would Telegram say it is using your location or personal data? “App functionality.”
Screenshot: Google

from google own page to describe these new requirements, apps must not only disclose the data they collect directly, but also any data processed through third-party libraries or SDKs on their apps. Google says it reviews app data collection as part of its app review process, adding “you [app developers] are responsible for making complete and accurate declarations in your application’s listing on Google Play… only you have all the information necessary to complete the data security form. Despite this last statement, Google said it will take enforcement action against apps when there is a discrepancy between the behavior of the app and what is listed on the security form.

The question remains, why would a developer pay more attention to this feature if it wouldn’t see much backfire? coffee business Tim Hortons was recently cited by Canada’s privacy agency for collecting “vast” amounts of user data for years. Still, it doesn’t seem like the fast-food chain is too stressed by Google’s new mandate. From the company app list on the Play Store still doesn’t include its data safety list, even though it only has a few days left before Google’s supposed deadline.


Comments are closed.