Google relying on developers, Providing accurate App Data Collection Info

The Google Play Store hides its automatically-generated app permissions. The Google Play Store established a new data privacy section earlier this year that relies on developers to reveal the information their apps collect.

Google will no longer display an ascertained list of permissions it automatically contains from each app, giving developers complete control over what they choose (or don’t choose) to disclose to users.

When Google first revealed the new data privacy section last year, the company made it evident that its system would rely on information provided by developers. On a support page, Google states that developers have until July 20 to fill out a data privacy form for their apps, noting creators “alone” must make “complete and accurate declarations” for their apps.

“Google Play reviews apps across all policy prerequisites; however, we cannot make decisions on behalf of the creators of how they handle user data,” Google explains. “Only you keep all the information required to satisfy the Data safety form.” Google says it will take “appropriate action” if it finds any disparities between developers’ reported facts and the app itself.

It’s worth noting that the Apple App Store has a similar policy for its privacy “nutrition” labels and requires developers to submit “self-reported summaries” about their apps’ privacy practices. Like Google, Apple trusts developers to provide truthful information about their apps’ data, which a report from The Washington Post found is often “misleading or flat-out inaccurate.”

While Google doesn’t indicate plans to substitute the automatically-generated app permissions with the data privacy section, it looks like Google quietly swapped it out. There are screenshots on Twitter comparing one app listing with the old “Permissions” section and another that has just “Data safety.” It was noticed the same after comparing an archived version of TikTok’s Google Play Store listing from 2021 with the one available now.

Google Play is the default store on most Android devices. As a result, most Android users use the store to download new apps and games and to update them.

Up until now, Google Play displayed permissions that an application needed to function. All applications have access to a base set of permissions that are not highlighted; it goes beyond what needs to be specified in the application’s manifest.

When you browse apps or games on Google Play, you may notice that the permissions listing is no longer available. It appears that Google decided that the new data safety listing is sufficient. Google play app permissions.

Publishers are required to provide data safety information, as Google made it mandatory. It is up to the publisher to fill out the info, though. Neither the Google Play application nor the Google Play store website list permissions anymore.

Google has not revealed why it removed the option to view application and game permissions on its Android store. However, it is possible that Google thought that the new Data Safety listing was sufficient or that permissions could scare users.

There are still options to display permissions.

Android users have some options when it comes to displaying application permissions. One option would be to analyze an application’s manifest file before installation, which is time-consuming and impractical.

A better option, highlighted by Mishaal Rahman on Twitter, is to use the open-source Aurora Store application. Aurora Store is available on F-Droid, a free and privacy-focused Android marketplace.

Aurora Store is a frontend for Google Play, which means that it pulls data directly from Google’s Store. However, unlike Google Play, it provides users with important information, including application permissions. The app also lists trackers included in applications and games, another valuable piece of information.

A click on the permissions listing of an app in the Aurora Store displays all the permissions it requests. Unfortunately, Aurora Store does not yet show the Data Safety information in the interface.

With Aurora Store installed on the Android device, you could use it to look up the permissions of an app or game.

Removing permissions from Google Play is a step in the wrong direction. Google is still focused on limiting information and functionality to create a frictionless yet limited experience for its users. Users needing more details or options must look elsewhere again to obtain those.

Google is storing app permissions in the Play store, but it’s not visible from the front end. He suggests downloading the open-source Play Store alternative, Aurora, which still displays permissions before downloading an app.

That said, it would make a lot more sense for Google to display both app permissions and the data privacy section. This way, users could compare both to confirm that the developer-reported permissions are consistent with Google’s findings.

Since permissions were counted to Android as a platform, the Google Play Store has authenticated a list of all possible permissions that an app could employ before installing that app. Now, the Play Store has pulled that list.

In April this year, Google began rolling out a new “Data safety” feature for the Play Store. The new section’s goal was to precisely detail what data apps had access to and what they were accomplishing with that data. Data types include location, personal info, messages, files, and more.

All Android app developers must submit this information by July 20, 2022.

Just ahead of that deadline, is appears Google has taken the next step in emphasizing “Data safety.” The feature has now superseded the “permissions” section in the Play Store on all apps, leaving it as the only indication of what an app might be able to access before installing it.

From what we can tell, this transition has gone live on virtually every app on the Play Store. However, we would accept the “permissions” section would still appear for any still lacking “Data safety” info from its developer. Additionally, the change is on mobile and the Play Store’s recently redesigned website.

Is this a bad change? Not necessarily. The downside is that the “Data safety” page isn’t quite as explicit with the exact system permissions an app asks for. On the other hand, this new page is vastly easier to comprehend for those not versed in Android’s ins and outs. For example, apps often use location permission to detect nearby Bluetooth devices, which could direct to confusion.

But the one potential problem here is that the information on the “Data safety” page is provided by developers rather than auto-generated by the Play Store. Unfortunately, that leaves room for nefarious actions on the page, and it’s unclear if Google is policing this information.