What is Playstore’s Data Safety Section? How can you benefit from it?

The Data safety section on Google Play is a simple way for you to help people understand what user data your app collects or shares, as well as showcase your app’s critical privacy and security practices. This information helps users make more informed choices when installing apps. 

Back in May 2021, Google confirmed that they would be adding a new #Datasafety section to the play store. The company has now confirmed the rollout of the new section via an official blog post. The post adds that Google has been trying to improve safety for Android users across the board with several key measures. For instance, when an app asks for key permissions such as location or camera access, users can limit this to just one-time use, only while using the app, or all the time. On Android 12, users can go to the Android Privacy dashboard to review data access by apps for sensitive data permissions. 

Android apps in the Play Store must list (“Collected Data”) what data is being stored and for what purpose. In turn, users can “see whether the app needs this data to function or if this data collection is optional.” Developers also have to identify (“Data shared”) whether that information is being communicated with third parties, as well as the security/handling practices (e.g., in-transit data encryption) of their applications and whether end users can easily ask for their data to be deleted. 

Other information that can appear in the section includes: 

  • Whether a qualifying app has committed to following Google Play’s Families Policy to protect children in the Play Store better. 
  • Whether the developer has validated their security practices against a global security standard (more specifically, the MASVS). 
  •  Whether the developer is collecting data and for what purpose. 
  •  Whether the developer is sharing data with third parties. 
  • The app’s security practices, like encryption of data in transit and whether users can ask for data to be deleted. 
  • Whether a qualifying app has committed to following Google Play’s Families Policy to protect children in the Play Store better. 
  • Whether the developer has validated their security practices against a global security standard. 

Google’s policy makes it mandatory for developers to give accurate information, and any misinterpretation of data will be treated as a violation of Google Play policy, meaning that an app may be taken down from the Google play store if it does not adequately or accurately disclose the data it is collecting and how it will use it.  

The safety section will also show users what data sharing is mandatory and what is optional. App developers must fill out a Data Safety form by going into the app content section in the Google Play Console. Google says even apps that don’t collect user data must submit the form.

Major Privacy Updates of the Week

The governor of California signs Child Privacy Law

California Governor Gavin Newsom on Thursday signed AB 2273, legislation designed to protect children’s online privacy. The California law requires online platforms to consider the interests of children in the design of their services and to provide children with settings that default to privacy. The Age-Appropriate Design Code (AADC) Act forbids online service providers that offer service to children from using the #personalinformation of children in a way that’s detrimental. 

Read more

Google, Meta fined by South Korea’s privacy watchdog over Privacy violations

South Korea’s #privacy watchdog panel has fined tech firms giants Google and Meta a combined 100 billion won (around $72 million USD) for tracking consumer data without consent. Google received the highest penalty from South Korea’s Personal Information Protection Commission: Compared to the 30.8 billion won ($22 million) fine that Meta is facing, Google owes 69.2 billion won (or roughly $50 million). The fine alleges that both businesses failed to disclose to their customers the specifics of the data collection and analysis procedures that would be used to further understand their customers’ online behaviour. 

Read More.

Confidential NATO documents stolen from Portugal being sold on dark web

A number of classified #NATO documents were leaked as a result of a “prolonged and unprecedented” cyber-attack that was directed at Portugal’s General Staff of the Armed Forces (EMGFA). Later, the documents turned up for sale on a dark web platform. The sale of stolen records was discovered by US intelligence agencies, who then informed the US embassy in Lisbon, which then informed the Portuguese government of the data breach. The hackers had listed for sale on the dark web the weapon blueprints that Ukraine had employed in its struggle with Russia. 

Read more

Albania Hit by Second Cyberattack Allegedly by Iranian Hackers

Another #cyberattack against the Albanian government, this time knocking border control systems offline, have been attributed to Iranian hackers. The Total Information Management System (TIMS), which aids in keeping track of those entering and leaving the country, was attacked. Iran was also accused for the attack on July 15 that momentarily brought down a number of Albanian government websites and digital services. Following which, Albania cut diplomatic ties with Iran. In reaction to the attack on Albania, the U.S. government announced sanctions on Iran’s intelligence service and its top officials. 

Read more

Indonesia set to adopt new Privacy Law

The #Personaldata Protection Act, Indonesia’s first data privacy law, is now expected to be passed after numerous delays. The need of the law intensified as the nation has continued to experience a number of cyberattacks; most recently, the National Cyber and Encryption Agency of the nation announced that it is looking into an alleged data leak involving 105 million Indonesians. The government wants to adopt the same data subject rights and rules for handling personal data that the European Union laid up in their GDPR. 

Read more

Curated by: Prajwala D Dinesh, Ritwik Tiwari, Ayush Sahay

WEEKLY PRIVACY NEWSLETTER

Keep up to pace with this high-impact weekly privacy newsletter that
features significant data privacy updates, trends, and tools that can
help to make your life secure & easier every day!

*By clicking on subscribe, I agree to receive communications from Tsaaro