From now on, Apps on the google play store would be sharing your data and details that have been collected, and that would be listed under the new Data Safety section. And this has made the privacy experts divided in the new Data Safety section on Google’s Play store. People have noticed that Google is expecting them to trust these developer-provided privacy considerations instead of the old google generated list of privacy permissions that was there before.
An app store that presents self-disclosure as its policy undercuts any efforts on the part of the app trying to inspire trust through their software systems, and meaningfully engage users.
If ever developers self-declare what data they collect and for what purposes, a question that might surface is what google is going to do to ensure compliance and correctness.
Giving people more visibility into the data collection policies of listed apps, Google began rolling out its data section in May, pitching it as a way. Well, Google isn’t the one to do this. Apple has also rolled out something similar in the year 2020 in the month of December.
Every detail of what data an app collects and discloses and shares with third parties is shared in the new section. Also, the app’s security practices and security mechanisms are some other details that the new section shows. The developers employ them to protect the collected data and tell people if they have any option to ask the developer to delete the collected data if ever they stop using the app.
Google might not trust developers to provide accurate details and the doing away with the old list of auto-generated app permissions. As with privacy experts, the focus on developer-provided details doesn’t sit well with them. Nowadays, consumers don’t have much belief in online systems. And for that, companies might have to go an extra mile to prove to their consumers that they are not that kind of bad guys and win their customer’s trust.
Here an issue that can convert into a failure is on google’s part not trying to regulate and enforce the rules and publicize the compliance. This failure might even result in a threat to erode user trust in the marketplace.
One of the solutions that came up from Jeff Williams, who is the CTO and co-founder of Contrast Security is the switch to self-attested privacy labels becoming more important than doing away with the permission list. It is believed to balance the interests of software consumers and producers in the market.
With this move, nothing much changes the fact of users getting pop-ups in order to authorize apps to use any dangerous permissions. Also, the new scheme will still allow third-party reviews, especially the OWASP Mobile application security verification standard that could thoroughly vet apps by considering several security aspects that are beyond their permissions.
Someday we all can expect to get third-party labels from trusted sources, it can be Google or any other sources. However, it would be great to have a good label for now that actually helps ordinary people to understand how the apps they use actually protect their data, or what they do with them.