Google recently launched the new data security section on the Play Store. In this document, app developers are required to explain what personal data and permissions they use to provide their services. It seems that the company sees the Data Security section as a suitable replacement for the old permissions list. Play Store listings now show a shortcut to an app’s data security section rather than the simple list of all the permissions it can request to access.
In screenshots shared by Esper.io’s Mishaal Rahman, we can see a before and after comparison of the Facebook app list. While Google changed the layout of the Further information section significantly, going from three columns to two in its latest redesign, it becomes clear after a while that the permissions section has been replaced by the data security information.
old vs new
Much like a privacy policy, the Data Security section is meant to include all the ways an app could extract personal data from you, as well as explaining what the data is needed for. This also includes permissions, so replacing the list of permissions with the Data Security section isn’t necessarily a bad idea. In fact, it might make things easier for many people to understand, because the permissions listed often don’t have the most intuitive names, which might lead you to believe that you might actually be giving out more personal data than you don’t actually do it.
In theory, the new Data Security section gives you a much better idea of what data and permissions an app uses. However, many big developers still haven’t updated their listings to provide these details. Facebook apps, Amazon apps, Twitter, Disney+, Discord, and ironically even the DuckDuckGo browser haven’t yet completed their data security sections, leaving you without preemptive details about what permissions they require.
Some apps don’t really provide valuable information beyond listing necessary permissions. Rahman calls out Telegram, which just noted that it needs access to location, personal info, messages, photos and videos, and more to provide “app functionality.”
Even apps that do it right can end up overwhelming you with information. For example, the Google Go app lists many reasons why it needs personal data without really explaining any of the general terms used – just look at the screenshot below.
Some parts of Google Go’s data security information
The developers only have until July 20, 2022 to provide this information, so the first issue with apps not providing details at all might not be an issue for much longer. It’s still odd that Google pushes the button and switches things over to the Data Security section before this deadline. At this point, the company could have waited another week until at least all major developers were in compliance with the requirement. Google should also have ensured that the details listed are helpful and not just general statements.
If you really want to see the full list of permissions before installing an app, there are still options for you. Mishaal Rahman notes that you can head to Aurora Store, an open-source Play Store client. In it, the detailed list of permissions requested by an application is always visible. Although Google has stopped publicly displaying this data in the Play Store, it appears to still be stored in the backend.
