play store

Google May Soon Remove Apps With No Privacy Policies From The Play Store

It looks like privacy policy rules are getting tougher on Google’s Play Store platform for the Android operating system. While previously developers could just wing it in terms of displaying privacy policies, Google seems to have put its foot down this time.

What happened? Google has recently informed developers operating on the tech giant’s Play Store that any apps which fail to properly provide a policy regarding that respective app’s take on privacy matters will suffer consequences which end with the termination of said app. In other words, if your app doesn’t have a privacy policy, say goodbye to Google Play Store. This is especially the case for app developers that have their apps request sensitive data from users. In this type of case, privacy policies and an agreement on disclosure are absolutely mandatory if you aim to have a top charting application on Apple’s App Store and now on Google’s Play Store as well.

It appears that neglecting to provide such a policy actually goes against Google’s own User Data Policy, according to the Android developers. An email was sent out to developers with flagged apps, letting them know what’s up and how their apps will be treated by the Play Store management if they fail to comply in a timely manner. The email also let developers know that their apps were requesting sensitive information, making them appear clearer in Google’s crossfire. So what counts as sensitive data?

  • Data such as content provided by the usage of a phone’s camera;
  • Data that comes from the phone’s microphone;
  • Data that is a result of scanning or analyzing a user’s accounts and contacts;
  • Data pertaining from the user’s phone and phone plan including data traffic.

Basically, personal information that specifically and particularly pertains to a user. Or in another words, personal data. Google did not just scold these developers, but also offered them information on what they need to provide in order to continue operating on Google’s platform.

Android Developers have to provide proof of a privacy policy being present not only on the app’s Google Play Store page, but also within the app itself. They have to link Google to the exact locations of these privacy policy copies. The privacy policy in question must contain very specific information regarding how the app is going to access, analyze and use private and sensitive information from the user’s phone.

What happens if they don’t comply?
Apparently, Google is giving developers time until the 15th of March to get this little “assignment” done and turn it in. For those wondering what might happen if a developer just chooses to ignore Google’s warning, the consequences are severe. There are talks about a “limited visibility on the Play Store” type of punishment, but more likely than not, the punishment is complete removal. Developers finding themselves in a defiant mood should know that they are betting their app’s access into the Play Store. The bet is actually a pretty safe one, but not in the favor of developers.

Taking example
Google’s move comes after Apple has instated something similar for its App Store platform. The iPhone manufacturer has decided that all iOS apps must use HTTPS instead of HTTP. This would be a security measure that sought to bring more security to the platform through adopting a safer alternative to HTTP. Apple did not yet set a deadline or a clear explanation of what the consequences would be in case of not complying in time, but one can easily guess.

A report claims that over 70 popular applications from within Apple’s marketplace currently feature vulnerabilities that can lead to data theft and other serious detriments. This might be the type of thing that pushed Apple into adopting its new security measures, and maybe Google has found a similar drive.

Related blog: Best Ways to Avoid Security Issues in App Development

We need better security
It has been widely agreed upon that you can never have enough security. Due to the state of things as they currently are, internet and mobile security are very sensitive subjects. Attackers just love a good mobile platform vulnerability they can exploit, as well as vulnerability in general. With cyber-attacks at an all-time high, it’s no wonder that the big corporations are looking to strengthen their defenses and make sure that their platforms are not compromised. More security measure enforcements are bound to be on their way, but until we learn more about Google’s plans we might see a couple of non-compliant apps get kicked off the Play Store due to lack of a privacy policy.