Google has enacted new rules of data collection for Android apps to limit misuse. Developers have two months to comply.
Google is fighting against the abusive collection of data from Android apps. To limit unwanted software, the company will impose within two months to Android applications to make easily accessible their privacy policy and systematically ask the consent of the user for the sharing of his personal data, including his phone number, his email address or any information relating to his device.
These new directives were issued on December 1 by the Safe Browsing program teams, in charge of securing Android services. They're good for both Android apps downloaded on Google Play and competing platforms. Data-hungry applications are particularly targeted. Some of them collect a broad spectrum of information about their users, without any apparent relation to their good functioning. They must within sixty days justify the origin and the purpose of such a collection. Without this, they will be marked by Google with a warning sign, warning their potential users.
The announcement comes a few months before the entry into force of the European regulation on the protection of personal data, which emphasizes the consent of the user in the use of his personal information. As of May 2018, the application publishers will have to prove that the consent of the users was clearly collected before giving access to their data.
Google is not yet fully up to the topic. At the end of November, journalists from the US media Quartz revealed that the company was constantly collecting location data of Android smartphone owners without their knowledge, even when geolocation was disabled on their device. Such collection is not clearly spelled out in Google's Terms of Service. The latter simply evoke, by vague wording, the identification of "nearby devices, WiFi access points and relay antennas", thanks to "different technologies", including IP address, GPS signals and other sensors.
Surprisingly, by speaking directly to the application editors, Google's new security rules do not mention "trackers". These small software designed by third-party companies are incorporated into applications to capture data, often personal. They are used primarily to better understand the expectations of their users, to offer advertising or to link their online business and their geographic movements. Unregulated, these trackers fuel an industry still opaque and unknown. Each application has an average of 2.5, according to a study published on November 24.