Privacy & Cybersecurity Law Blog

On May 6, 2021, Google announced that beginning in the second quarter of 2022, mobile app developers submitting new apps and app updates to the Google Play store will be required to disclose certain information regarding their apps’ data collection, use, sharing and security practices, as well as provide a privacy policy for their apps. This information will be displayed in a new “safety section” of Google Play.

Specifically, app developers will be required to disclose whether their app:

• employs security practices, such as encryption;
• follows Google’s Families policy;
• requires certain data for the app to function, or if users can choose not to share certain data;
• has had its “safety section” verified by an independent third party; and
• enables app users to request that their data be deleted if they uninstall the app.

Additionally, developers will be required to disclose what types of data the app collects and stores (e.g., precise location, contacts and contact information, photos and videos, audio files and storage files), as well as how the data is used (e.g., for app functionality or personalization). In addition to disclosing this information, apps will also be required to provide their own privacy policy.

Google will provide further information on these new requirements this summer. App developers that misrepresent their privacy practices in violation of these requirements will be required to make corrections, and non-compliant apps will be subject to enforcement by Google.

This move follows Apple’s new policy, which went into effect on December 8, 2020, which requires developers submitting new apps and app updates to the Apple App Store to provide information regarding the app’s privacy practices, referred to as “privacy nutrition labels.”