Google cracks down on privacy-violating Android apps
Apps that fail to display proper privacy policy or handle sensitive data with due care will be deleted, warns Google
Google is cracking down on apps in its Android play sore that lack a proper privacy policy or fail to protect sensitive data.
Developers of Android apps have been receiving messages from Google explaining that their application "currently violates our User Data policy regarding Personal and Sensitive Information".
The main problem with the apps in question seems to be a lack of an easily accessible privacy policy. Apps that "handle personal or sensitive user data (including personally identifiable information, financial and payment information, authentication information, phonebook or contact data, microphone and camera sensor data, and sensitive device data)" must post a privacy policy in the designated area, says Google, adding that they must also "handle the user data securely, including transmitting it using modern cryptography (for example, over HTTPS)".
Apps should also disclose what private information is collected and how and with whom that data is shared, according to the company's user data policy.
The messages have caused a degree of confusion among developers because Google does not provide any contact details for communications, just a deadline which must be met if the app is not to be removed from Play.
Some developers have complained that it is not clear exactly which aspects of their app are in violation of Google's rules.
"Which of those permissions are violating Google User Data? Is there a list of permissions which are violating Google User Data? How to fix it? Should I remove those or is there another solution for it? Also if I have to prepare a privacy policy are there some example ones?," asks MBH on Stackoverflow.
According to The Next Web, Google's plan is to purge millions of "zombie apps" from the Play Store. A hard deadline of 15th March is doing the rounds, after which offending apps will be removed, but developers on the company's forums report being given different cut-off dates.
Computing has asked Google for clarification.
The presence of insecure and privacy-violating apps on Play has been an issue form some time. Recently we reported that some Android VPN software has been found to be riddled with virus, spyware and other malware and also that many supposedly secure apps do not even encrypt data properly.