Android's App Store Privacy Section Starts Rolling Out Today (arstechnica.com) 14
An anonymous reader quotes a report from Ars Technica: Following in the footsteps of iOS 14, Google is rolling out an app privacy section to the Play Store on Tuesday. When you look up an app on the Play Store, alongside sections like "About this app" and "ratings and reviews," there will be a new section called "Data privacy & security," where developers can explain what data they collect. Note that while the section will be appearing for users starting today, it might not be filled out by developers. Google's deadline for developers to provide privacy information is July 20. Even then, all of this privacy information is provided by the developer and is essentially working on the honor system.
Here's how Google describes the process to developers: "You alone are responsible for making complete and accurate declarations in your app's store listing on Google Play. Google Play reviews apps across all policy requirements; however, we cannot make determinations on behalf of the developers of how they handle user data. Only you possess all the information required to complete the Data safety form. When Google becomes aware of a discrepancy between your app behavior and your declaration, we may take appropriate action, including enforcement action."
Once the section is up and running, developers will be expected to list what data they're collecting, why they're collecting it, and who they're sharing it with. The support page features a big list of data types for elements like "location," "personal info," "financial info," "web history," "contacts," and various file types. Developers are expected to list their data security practices, including explaining if data is encrypted in transit and if users can ask for data to be deleted. There's also a spot for "Google Play's Families Policy" compliance, which is mostly just a bunch of US COPPA and EU GDPR requirements. Google says developers can also indicate if their app has "been independently validated against a global security standard."
Here's how Google describes the process to developers: "You alone are responsible for making complete and accurate declarations in your app's store listing on Google Play. Google Play reviews apps across all policy requirements; however, we cannot make determinations on behalf of the developers of how they handle user data. Only you possess all the information required to complete the Data safety form. When Google becomes aware of a discrepancy between your app behavior and your declaration, we may take appropriate action, including enforcement action."
Once the section is up and running, developers will be expected to list what data they're collecting, why they're collecting it, and who they're sharing it with. The support page features a big list of data types for elements like "location," "personal info," "financial info," "web history," "contacts," and various file types. Developers are expected to list their data security practices, including explaining if data is encrypted in transit and if users can ask for data to be deleted. There's also a spot for "Google Play's Families Policy" compliance, which is mostly just a bunch of US COPPA and EU GDPR requirements. Google says developers can also indicate if their app has "been independently validated against a global security standard."