Google Play can now let apps lie about the data they collect
Update: 07/21/22: Twitter account for Google Android Developers announced On Thursday, they decided to restore app permissions on Google Play.
In a separate tweet, Google said the data security section provides users with a “simplified view” of what user data apps collect. They added that they are still accepting feedback on these features.
Google puts its hand up when it comes to App Store privacy. Apparently thinking that only the app developers themselves truly know the totality of the information they receive from their users, the platform now relies solely on those same developers not to lie about how they use that data. Good luck with that.
The Google Play Store will now require all apps to include a data security list on their app page showing what data they collect from users until July 20. At the same time, the app store has disabled previous features that allow users to set app permissions.
While these permissions are often vague, users got a sense of what parts of phone apps they had access to from Google itself.
AG/O Media may receive a commission
This means that Google effectively leaves it up to app developers to decide what to include in their security list, leaving it open for app developers to lie to users. The app authorization feature was often complicated, but at least the information came from Google itself and not from the app developers.
We reached out to Google and a representative said they would provide more information later today. We will update when we hear back from them.
Apple has long been the similar property to the App Store, which makes Google’s move to remove publicly posted permissions odd given how long this update has been touted. In 2021, Google announced that developers must detail an app’s security practices, whether the app’s security section has been audited by an independent third party, and whether users can delete information after uninstallation.
But only a few months later, Google was modified original announcement. They removed the requirement to verify applications and set a deadline for the first quarter of this year. The company said app developers who don’t provide a security patch by the deadline can do so further applications or updates rejected. It is not clear what limit the app developers set. Of course, developers have until Wednesday to provide those details, but when it comes to apps that list their data, developers don’t have to go into much detail.
The Telegraph the data security side of the app is very non-specific. Why does it collect your personal data? Oh, just “app features”. TikTok that already was raked the embers by lawmakers over allegations that he left the The Chinese government has access to US user datahe says data security page that you do not share any data with third parties. But it automatically records user IDs for “analytics, advertising or marketing, security” etc. purposes that are still vague and meaningless to the average user.
Google’s own page to describe the new requirements, it says that apps must disclose not only what data they collect directly, but also the data they handle in their apps through third-party libraries or SDKs. Google says it looks at app data collection as part of its app review process, adding: “You [app developers] are responsible for making full and accurate statements on your app’s store listing on Google Play… only you have all the information you need to fill out the privacy form.” Despite the last statement, Google said it will take enforcement action against apps that show a discrepancy between the app’s behavior and what’s listed on the security form.
The question remains, why would any developer put more effort into this feature if they don’t see much backlash? Coffee company Tim Hortons Canada’s data protection agency recently cited it for collecting “huge” amounts of data on users for years. Still, the fast-food chain doesn’t seem too threatened by Google’s new mandate. The company’s application list the Play Store still does not include the data security list, even though there are only a few days left until the deadline assumed by Google.