Google cracks down on apps that snoop on you, even if they’re not in Play Store

Safe Browsing warnings will appear “on apps and on websites leading to apps that collect a user’s personal data without their consent”.
Google
Google is introducing significant changes to how it enforces its Unwanted Software Policy, which should result in better privacy and transparency for the world’s two billion Android users.
Google is giving developers two months to ensure their apps don’t deviate from its Unwanted Software policy. If an app continues to stray from the policy, users are likely to see its Safe Browsing full-page warnings, which will probably drive users away from the offending software.
The crackdown is a new effort to combat malicious and harmful Android apps and will apply to software distributed through the Play Store as well as third-party Android app markets.
The Safe Browsing warnings will appear “on apps and on websites leading to apps that collect a user’s personal data without their consent”, Google notes on its security blog.
In other words, the warnings may be applied to sites and software that promote apps that violate its policy, as well as the offending apps themselves.
If an app uses a user’s phone number or email address or device data, it will need to prompt the user and provide a privacy policy within the app.
Developers will also need to offer a way for users to give their “affirmative consent” if an app collects and transmits personal data that’s unrelated to the functionality of the app. The app also needs to prominently explain how user data will be used.
“These data collection requirements apply to all functions of the app. For example, during analytics and crash reporting, the list of installed packages unrelated to the app may not be transmitted from the device without prominent disclosure and affirmative consent,” Google explains.
The changes reflect an update in August to the Personal and Sensitive Information section of Google’s Developer Policy Center. The amended policy introduced a requirement for an app to provide prominent disclosure if it collects and transmits personal user data unrelated to the app’s main functionality described in the Play Store listing.

天威视讯内幕交易案二审维持原判 涉案人数曾创记录
The section covers requirements for how an in-app data-usage disclosure must be displayed and how the app needs to request user consent.
网络犯罪份子使用类似“钓鱼邮件”的技术引诱您,通过要求您点击貌似真实的邮件或短信中的链接,进而获取您的敏感信息如银行账号,密码及信用卡资料。
For example, the in-app disclosure must be shown within the app itself and not just the Play Store listing or on a website.
It must also be displayed within the normal usage of the app and not be buried in settings. It also can’t be placed in a privacy policy or terms of service and must not be bundled with non-privacy disclosures.
The affirmative consent request dialog needs to be presented in a clear and unambiguous way. To gain consent, the user will need to tap to accept or tick a check-box.
Google notes that two common violations are when an app doesn’t treat a user’s installed apps as personal or sensitive user data and when an app doesn’t treat the user’s phone or contact book as personal data. The apps will be considered to violate Google’s policy if they don’t follow the rules for prominent disclosure.
Websites owners that attract a Safe Browsing warning will need to follow the usual processes in the Search Console if they want to resolve the warnings. App developers caught by the new Safe Browsing warnings can request an app review on the App Verifications and Appeals support page. Previous and related coverageGoogle Safe Browsing beats rivals but still only flags up 10 percent of hacked sites An analysis of hijacked websites suggests Google’s Safe Browsing technology is only warning users about a small proportion of them.Google tightens noose on HTTP: Chrome to stick ‘Not secure’ on pages with search fields In October, Google will begin phase two of its plan to label all HTTP pages as non-secure.
Related Topics:
Google
Security TV
Data Management
学生网晒实习经历让企业头疼,实习生不妥当的信息传播行为给公司带来信息保密和制度管理的困扰。关键是要加强实习生的安全保密意识教育,初入职场的人们根本不懂机密信息对雇主的价值,更不懂如何保护。

猜您喜欢

南宁警方提醒:提高安全防范意识预防网络诈骗陷阱
中国企业如何与海外环境及当地的民族文化融合,海外安全知识:
网络安全法宣传片 002 国家网络安全的现状与重要性概述
王者荣耀主播触手蓝烟 技术太强把粉丝打成了路人
TROPPOTOGO CARBONGAMING
如何营销信息安全思想