Android apps can now potentially lie about the data they collect

Android apps often collect all sorts of data about you and your device, like name and location, as well as sometimes having access to your photos or messages, among other things. So, it’s vital that you understand what degree of access an app is going to have before downloading it, something that’s now been made that much harder to understand.

That’s because Google recently rolled out a new feature called ‘Data safety’, which requires app developers to disclose the data that their apps collect, whether the data is being shared with third-parties, and the app’s security practices. That sounds like a promising step, and if this was just an addition it would be, but Google is also quietly removing the app permissions list from store listings.

This change wasn’t announced by the company but has been spotted by Mishaal Rahman (senior technical editor at Esper).

That app permissions list was automatically generated by Google, which although accurate, wasn’t always clear about why specific permissions were needed or data was collected.

This new Data safety screen should, in many cases, be a lot clearer, since app developers can explain why they need various kinds of data, but because it’s down to those developers to fill in, there’s also a risk that the information could be incomplete or inaccurate.

Having both the Data safety and permissions screens would be more comprehensive, but could also make for a cluttered and confusing listing, so we can see why Google might choose only to show one; it’s just unclear whether this was the right call.

In most cases, this probably won’t be too much of a problem, although unscrupulous app developers will now have more freedom to hide the data collection practices of their apps, which is a definite worry.

Google has warned that if the Data safety screen isn’t complete and accurate then apps could have their updates blocked or even be removed from the Play Store, but it’s not clear how quickly or comprehensively Google will spot and take action against offenders.


Analysis: Google’s not alone in leaving it up to developers

App store revenues 2019

(Image credit: Future)

While this is a troubling move, it’s similar to something Apple is already doing, with its privacy ‘nutrition labels’, which app developers are required to complete. The Washington Post , however, found that these labels too were often inaccurate, so there’s no reason to think Google’s alternative won’t suffer the same fate.

The one advantage Android users have over iOS users in this situation is that they’re not limited to the Google Play Store, and while generally that’s considered the safest place to get apps, Rahman points out that third-party app stores like the Aurora Store still shows the app permissions list – something which it’s able to do because Google still collects this data behind the scenes.

As such, if you’re worried about this change then sourcing an alternative app store offering the insights and assurances you need might be worth looking into. Of course, most Android users probably won’t know this is an option and will take the data shown on the Google Play Store listings at face value – which may no longer be fully accurate and complete, even among the best Android apps.