The Android app store’s privacy section is starting to roll out today

To follow in the footsteps of iOS 14, Google is rolling out an app privacy section to the Play Store on Tuesday. When you launch an app in the Play Store, along with sections like “About this app” and “Ratings and reviews”, there will be a new section called “Data protection and security” where developers can explain what data they collect. Google unveiled this feature last year, and it’s finally starting to appear in the Play Store today.

Note that while section will be shown to users from today, it may not be filled in by developers. Google’s deadline for developers to provide privacy information is July 20th. Even then, all of this privacy information is provided by the developer and works essentially on the fee system. Here’s how Google describes the process to developers:

You are solely responsible for making complete and accurate statements in your app store list on Google Play. Google Play reviews apps across all policy requirements; however, we can not make decisions on behalf of the developers on how to handle user data. Only you have all the necessary information to complete the data security form. When Google becomes aware of a discrepancy between your app behavior and your statement, we may take appropriate action, including enforcement action.

Once the section is up and running, developers are expected to indicate what data they are collecting, why they are collecting it, and who they are sharing it with. The support page has a large list of data types for items such as “location”, “personal information”, “financial information”, “web history”, “contacts” and various file types. Developers are expected to state their data security practices, including explaining whether data is encrypted during upload and whether users can request to have data deleted. There is also a place for compliance with “Google Play’s family policy”, which is mostly just a set of US COPPA and EU GDPR requirements.

Google says developers can also indicate if their app has been “independently validated against a global security standard.” Google has a “Mobile Application Security Assessment” standard, and developers can pay between $ 3,000 and $ 6,000 to get a “Google Authorized Lab Partner” to revise an app against this standard. This review includes a review of an app’s encryption practices, a check for known vulnerabilities, a minimum permission requirement, and a host of other tests listed on this Github.

As usual, Google’s publishing process may take some time. Google says some lucky users will start watching the section on data security today, and it’s likely to take a couple of weeks to roll out to everyone.

List image by Google