By: Davis|Kuelthau’s Intellectual Property Team
Google updated its Google Play Developer Policy Center policies on March 1, 2017, and the updates went into effect on March 15, 2017. These updates included requirements for developers to post privacy policies both on the Play Store listing and within the app.
Certain types of data have more additional requirements:
- apps that collect personal or sensitive user data that is unrelated to the app’s function listed in the Play Store or the application’s interface must prominently highlight how that user data will be used and obtain affirmative consent from the user for such use;
- apps that handle financial or payment information “must never publicly disclose and personal or sensitive user data related to financial or payment activities;” and
- no app is permitted to publish or disclose a user’s non-public phonebook or contact information.
Finally, apps that monitor or track a user’s behavior must:
- not be presented or described as a means for spying or secret surveillance;
- not hide or cloak tracking behavior;
- present users with a persistent notification and unique icon that clearly identifies the app; and
- not provide any means to activate or access functionality that would violate Google’s Developer Policy Center policies (for example, an app cannot link to a non-compliant Android Package Kit, or APK, hosted outside the Play Store).
Developers should make sure that they read and review Google’s updated privacy and security requirements. Apps that are currently not in compliance risk being removed from the Play Store. Additionally, developers should ensure that their apps comply with state and federal laws on the handling and disclosure of private and sensitive information.
Please contact your Davis|Kuelthau, s.c. attorney, or the related practice group chair linked here if you have any questions.