Google Play’s Developer Policy Center summarized the company’s position on privacy and security, stating “You must be transparent in how you handle user data (e.g., information provided by a user, collected about a user, and collected about a user’s use of the app or device), including by disclosing the collection, use, and sharing of the data, and you must limit use of the data to the description in the disclosure.”
In addition, if the app collects personal data unrelated to the app’s functionality, then it must “prominently” highlight how that data will be used prior to the collection and ensure that the user provides affirmative consent for such use.
More specific requirements were added for certain types of data. An app that handles financial or payment information must “never publicly disclose any personal or sensitive user data related to financial or payment activities,” and the unauthorized publishing or disclosure of people’s nonpublic phonebook or contact information is forbidden.
To read the privacy and security requirements in Google Play’s Developer Policy Center, click here.
Why it matters: The updated privacy requirements are a must-read for all app developers, particularly as Google has been sending letters to nudge developers into compliance, cautioning them that their app could be removed from the store if it fails to meet the new requirements.