Google Play Store replaces app permissions with developer-reported information


Earlier this year, the Google Play Store launched a new data privacy section that relies on developers to disclose the information their apps collect. But as indicated by Esper editor-in-chief Mishaal Rahman (through Ars Technica), this could mean that Google will no longer display a verified list of permissions it collects automatically from each app, giving developers complete control over what they choose (or don’t choose) to disclose to users.

When Google first announced its new data privacy section last year, the company made it clear that its system would rely on information from developers. On a support pageGoogle states that developers have until July 20 to fill out a data privacy form for their apps, noting that developers are “only” required to make “complete and accurate statements” for their apps.

“Google Play rates apps against all policy requirements; however, we cannot control how they handle user data on behalf of the developers,” explains Google. “Only you have all the information needed to complete the Data Security form.” Google says it will take “appropriate action” if it finds discrepancies between the information reported by developers and the app itself.

It’s worth noting that the Apple App Store has a similar policy for its privacy “nutrition” labels, and also requires developers to submit “self-reported summaries” about the privacy practices of their apps. Much like Google does now, Apple relies on developers to provide truthful information about the data their apps collect, which a report from the Washington After is often “misleading or downright inaccurate”.

While Google doesn’t state any plans to replace the auto-generated app permissions with the data privacy section, it appears that Google has quietly swapped it out. In a thread on Twitter, Rahman shows screenshots comparing one app list to the old ‘Permissions’ section and another to just ‘Data Security’. I noticed the same thing after comparing an archived version from TikTok’s Google Play Store entry from 2021 with that one that is now available.

As Rahman points out, Google stores app permissions in the Play Store, but it’s just not visible from the front. He suggests downloading the open-source Play Store alternative called Aurora, which still lists permissions before downloading an app.

That said, it would make a lot more sense if Google lists both app permissions and the data privacy section. In this way, users can compare both to confirm that the permissions reported by the developer are consistent with Google’s findings. The edge contacted Google to see if the company plans to reinstate the app permissions section, but didn’t hear back immediately.