Google Play Gets Mandatory App Privacy Labels In April 2022

An anonymous reader quotes a report from Ars Technica: In iOS 14, Apple added a "privacy" section to the app store, requiring app developers to list the data they collect and how they use it. Google -- which was one of the biggest targets of Apple's privacy nutrition labels and delayed app updates for months to avoid complying with the policy -- is now aping the feature for Google Play. Google posted a demo of what the Google Play "Data privacy & security" section will look like, and it contains everything you'd expect if you've looked at the App Store lately. There's information on what data apps collect, whether or not the apps share the data with third parties, and how the data is stored. Developers can also explain what the data is used for and if data collection is required to use the app. The section also lists whether or not the collected data is encrypted, if the user can delete the data, and if the app follows Google's "Families" policy (meaning all the usual COPPA stuff).

Google Play's privacy section will be mandatory for all developers in April 2022, and starting in October, Google says developers can start populating information in the Google Play Console "for review." Google also says that in April, all apps will need to supply a privacy policy, even if they don't collect any data. Apps that don't have an "approved" privacy section by April may have their app updates rejected or their app removed. Google says, "Developers are responsible for providing accurate and complete information in their safety section." All of this information is basically just running on the honor system, and on iOS, developers have already been caught faking their privacy labels.

A good thing

[Anubis IV]

For some reason that I don’t understand, Apple has yet to make a native calculator app for the iPad, yet I find myself in need of one on occasion. I wasn’t happy with the one I’ve been using, so I decided to go looking for one a few weeks ago and paid attention to the privacy labels along the way. As you look through those privacy labels, however, you start to realize just how rotten the industry is. For a simple app that shouldn’t need to collect any data to operate, they’re logging analytics, location, unique identifiers, asking for access to devices on your network, you name it. I can’t remember what I landed on, if anything, but it certainly highlights that we have a problem in this field.

Making that information transparent to the user is a very good thing, and I’m glad to hear that Google is following suit. Kudos to them.

Re: A good thing

[Malays2 bowman]

"For a simple app that shouldnâ(TM)t need to collect any data to operate, "

Because we are in the midst of a privacy invasion and telemetry bubble. Hopefully the bubble will burst, and the data collection company heads will have to settle for the 5$ crack whore instead of the thousands dollar call girl to get their dicks sucked.

Re:

[AmiMoJo]

On Android there are loads of open source calculator apps, and of course you can get them from Play or from an open source app store like F-Droid, or build them yourself and side-load.

For some reason open source apps seem much less common on iOS.

Re:

[tlhIngan]

As you look through those privacy labels, however, you start to realize just how rotten the industry is. For a simple app that shouldnâ(TM)t need to collect any data to operate, theyâ(TM)re logging analytics, location, unique identifiers, asking for access to devices on your network, you name it. I canâ(TM)t remember what I landed on, if anything, but it certainly highlights that we have a problem in this field.

The problem is most of those are because of the ads the apps contain. Sometimes yo

One small question

[WaffleMonster]

Will there also be privacy labels for Google play services itself?

Re:One small question

[AmiMoJo]

Yes, and also they are introducing permission requests to use your device's advertising ID. Like on iOS if you decline the app gets 00000000.

Another nice feature that's in Android already is expiring permissions. If you don't use an app for a while the permissions expire and it has to re-request them.

It's like speed limits

[Dixie_Flatline]

Yeah, some people are gonna fake the label, just like not everyone follows the speed limit. The point is to have an additional reason to take action against a bad actor. Enforcement of rules is always a mostly intractable problem, you just want to be able to appropriately punish the ones that you happen to catch.

Re:

[luvirini]

Well, maybe they will eventually (due to pressure) add the things that Apple is adding in iOS 15 that shows what sites the app has connected and how often it has used things like location data.

Everything

[thsths]

We take everything we can, and spread it everywhere. We may even lose it.

Fucking hypocrites

[Malays2 bowman]

I love how these "privacy warriors" banter on about this shit when they are the biggest offenders of them all.

Go eat a bag of dicks you cunts and quit tracking me and quit making the user experience a living hell. Yeah, Google, I am giving YOU the hardest and longest stare.

Hate it

[Malifescent]

The biggest culprit is Google itself. Google is trying to make itself look good with this policy whilst it keeps pilfering users' data whilst hiding the details deep inside its documentation.

Also, in most cases it forces users to share their data or they're banned from their services.

If Google continues with this hypocritical policy I'm very much a proponent of MUCH stronger regulation and maybe even the complete banning of data collection on users.

GDPR compliance

[VeryFluffyBunny]

The description of the rules reads like the first few lines of the EU's general data protection regulation (GDPR). The GDPR is an important first step to regulating the spyware industry but it's certainly insufficient. If for nothing else but national commercial competition & national security reasons. If citizens' data is so valuable, it's in govts' interest to protect it.

But will it be useful?

[CrappySnackPlane]

This sounds great, if it's executed sanely. Considering where the bar's set, though, I can't really bring myself to believe it'll be any more useful than the current Permissions system, where an app which lets you save funny pictures to local storage and an app which adds a third-party watermark to all your saved pictures both get the same "This App can read/write files" warning. Does this app need my location because it's using GPS to determine which language to use, or because it's sending it to Gregory G