Google officially began rolling out a new “Data Security” section for Android apps on the Play Store on Tuesday to highlight the types of data collected and shared with third parties.
“Users want to know what their data is being collected for, and whether developers share user data with third parties,” said Suzanne Frey, vice president of Android security and privacy products. “Furthermore, users want to know how app developers protect user data after an app is downloaded.”
The transparency measure is based on Apple’s “Privacy Nutrition Label” and was first announced by Google nearly a year ago in May 2021.
The Data Security section will be listed for each app on the digital storefront, providing a unified view of what data is being collected, what it is being used for, and how it is being handled, while also highlighting with which third parties it is shared.
On top of that, labels can also show “the application’s security practices, such as encryption of data in transit and whether users can request data deletion,” Frey noted, in addition to verifying these practices against security standards such as mobile application security. Verification Standard (MASVS).
The feature is expected to be gradually rolled out to all users, with a July 20, 2022 deadline for app developers to complete this section and update them if they change the app’s functionality or data processing methods.
That said, data security is expected to face similar concerns as Apple, as the system is built entirely on the honor system, which requires app developers to be truthful and clear about how they handle data, rather than listing inaccurate labels .
Since then, Apple has said it will periodically review the accuracy of the labels to ensure they are reliable and don’t give users a false sense of security about the data being collected and shared.
Google said last year that it intended to create a mechanism that would require developers to provide accurate information and that it would force them to correct misrepresentations if policy violations were found.
While the search giant made it clear that its app review process was not designed to demonstrate the accuracy and completeness of data security claims made by third-party app developers, it outlined robust measures to deal with such breaches.
The company warns that it will take appropriate enforcement action when it finds deviations from the information provided in this section. Failure to ensure compliance may result in updates being blocked or removed from Google Play.
“When Google becomes aware of discrepancies between your app’s behavior and your statements, we may take appropriate action, including enforcement action,” the company said in an updated support article.