Google expanding its Safe Browsing initiative to include apps which collect user data without the device owner knowing. The latest update adds additional protections in the forms of user warnings against Android apps that collect user and device data without permission.
The announcement came by way of the Google Security blog and is designed to protect Android device owners from “unwanted and harmful mobile behaviors on Android.”
This is primarily for the more common data collection aspects like the user’s phone number and/or email address. However, the announcement also details that any data collection that is happening which is not specifically related to the purpose of the app, will also need to prompt the user advising that this is occurring.
As well as providing the user with information on what the data is being used for and/or where it is going if it is being shared. Further still, the announcement also explains that this new measure is not only to account for apps available through the Google Play Store, but any Android app.
So downloading an app from somewhere other than the Google Play Store will not circumvent this new protection level that Google is putting in place. The same rules will still apply.
During analytics and crash reportings, the list of installed packages unrelated to the app may not be transmitted from the device without prominent disclosure and affirmative consent.
As part of this expanded enforcement, Google Safe Browsing will show warnings on apps and on websites leading to apps that collect a user’s personal data without their consent.
Therefore, it is in the interest of app developers to ensure their privacy policies account for any data retention, as well as providing an active prompt (and gaining the necessary permission) as suggested under the new Safe Browsing rules.
Starting in 60 days, this expanded enforcement of Google’s Unwanted Software Policy may result in warnings shown on user devices via Google Play Protect or on webpages that lead to these apps.
Webmasters whose sites show warnings due to distribution of these apps should refer to the Search Console for guidance on remediation and resolution of the warnings. Developers whose apps show warnings should refer to guidance in the Unwanted Software Help Center. Developers can also request an app review using this article on App verification and appeals, which contains guidance applicable to apps in both Google Play and non-Play app stores.
Back in September of this year, Google announced that more than three billion devices were now protected through the use of Safe Browsing.
Read: Google Finally Banning Apps From Play Store That Include Lock Screen Ads