Google Unwanted Software Policy – It’s a fight against snooping apps

Google has expanded enforcement of Google’s Unwanted Software Policy waring Android developers to explicitly declare data collection behaviors.

A few days ago, Google was caught collecting users’ location data even when location services were disabled, many privacy experts questioned the behavior of the tech giant.

Google promptly admitted the practice and suspended it.

Now Google made another move to protect the privacy of its users, it has warned Android developers to explicitly declare data collection behaviors of their apps.

Google revisioned the Safe Browsing rules expanding the enforcement of Google’s Unwanted Software Policy.

“In our efforts to protect users and serve developers, the Google Safe Browsing team has expanded enforcement of Google’s Unwanted Software Policy to further tamp down on unwanted and harmful mobile behaviors on Android.” reads the announcement published by Google.

“As part of this expanded enforcement, Google Safe Browsing will show warnings on apps and on websites leading to apps that collect a user’s personal data without their consent.”

If the developers don’t comply with Google rules within 60 days, the company will warn users via Google Play Protect or on webpages that lead to these apps.

“Starting in 60 days, this expanded enforcement of Google’s Unwanted Software Policymay result in warnings shown on user devices via Google Play Protect or on webpages that lead to these apps.” the announcement said.

Developers of apps that handle either personal data (phone number, e-mail) or device data (such as IMEI number) must prompt the user, and include a privacy policy in the app.

“Additionally, if an app collects and transmits personal data unrelated to the functionality of the app then, prior to collection and transmission, the app must prominently highlight how the user data will be used and have the user provide affirmative consent for such use,” added Google.

Data collection requirements apply to all functions of the app, including crash reporting, the company highlighted that apps cannot transmit the list of installed packages unrelated to their app without an affirmative consent.

Developers can also request an app review using this article on App verification and appeals, it contains guidance applicable to apps in both Google Play and non-Play app stores.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Google Unwanted Software Policy, privacy)

[adrotate banner=”5″]

[adrotate banner=”13″]