Google is planning to crack down on apps that violate its ‘User Data policy’ and don’t have their own privacy policy. It has started sending out notices to developers asking them to put such a policy in place till March 15, or face the consequences.
According to The Next Web, which has put out a copy of the notice shared with developers, Google’s email notes if the developers continue to violate its ‘User Data’ policy, the company could “limit the visibility” of the app or even remove it from the Google Play Store. As the report notes, Google’s crackdown will mean a purge of the app store; a lot of apps that aren’t doing so well and might not have bothered with a privacy policy could be axed.
If one looks at Google’s User Data Policy for apps, it reads like this:
“If your app handles personal or sensitive user data (including personally identifiable information, financial and payment information, authentication information, phonebook or contact data, microphone and camera sensor data, and sensitive device data) then your app must: Post a privacy policy in both the designated field in the Play Developer Console and from within the Play distributed app itself. Handle the user data securely, including transmitting it using modern cryptography (for example, over HTTPS).”
With a lot of apps, privacy policy and encryption standards are never really clear. Also some apps tends to demand permission for pretty much everything on the phone, even if the app doesn’t really need access to a particular function; for instance many gaming apps might want access to your phone or messages, which is not really crucial to their functioning.
However, in Android Marshmallow and above, users can turn off permissions for individual apps, but that still leaves unclear how an app uses some of this data.
Google’s own user data policy adds that the privacy policy formulated by the app should come with “any in-app disclosures,” and also make it clear to the user how the app is collecting, using and sharing this data, especially if other parties are involved in the sharing.
In case of apps that collect “personal or sensitive user data “, the app needs to “prominently highlight how the user data will be used and have the user provide affirmative consent for such use,” adds the policy.
Of course, when it comes to user data privacy, at times many users themselves don’t bother with reading the privacy policy terms. But still that doesn’t mean that apps shouldn’t have one in the first place. Now it looks like Google will make sure the apps do have a policy in place.
Source: Indianexpress