Google has today announced it is expanding its Google Safe Browsing initiative to include apps which collect user data without the device owner knowing. The announcement came by way of the Google Security blog and is designed to protect Android device owners from “unwanted and harmful mobile behaviors on Android.”
The announcement explains that any app which collects user data will now need to actively inform users the data collection is happening. This is primarily for the more common data collection aspects like the user’s phone number and/or email address. However, the announcement also details that any data collection that is happening which is not specifically related to the purpose of the app, will also need to prompt the user advising that this is occurring. As well as providing the user with information on what the data is being used for and/or where it is going if it is being shared. Further still, the announcement also explains that this new measure is not only to account for apps available through the Google Play Store, but any Android app. So downloading an app from somewhere other than the Google Play Store will not circumvent this new protection level that Google is putting in place. The same rules will still apply.
Where the Safe Browsing aspect comes into play is that warnings will start to inform users that the app about to be accessed or downloaded collects user data without the user knowing. Therefore, it is in the interest of app developers to ensure their privacy policies account for any data retention, as well as providing an active prompt (and gaining the necessary permission) as suggested under the new Safe Browsing rules. Google notes this change will first start to come into effect in sixty days from today. Back in September of this year, Google announced that more than three billion devices were now protected through the use of Safe Browsing. A number which highlights this is only the latest feature to be added to what is already a widely in use protection measure. App developers (as well as device owners) concerned they may be affected by this change can find out more information on how to prepare for the new rules through the link below.
Google Security Blog