What is Playstore’s Data Safety Section? How can you benefit from it?

The Data safety section on Google Play is a simple way for you to help people understand what user data your app collects or shares, as well as showcase your app’s critical privacy and security practices. This information helps users make more informed choices when installing apps.

Back in May 2021, Google confirmed that they would be adding a new #Datasafety section to the play store. The company has now confirmed the rollout of the new section via an official blog post. The post adds that Google has been trying to improve safety for Android users across the board with several key measures. For instance, when an app asks for key permissions such as location or camera access, users can limit this to just one-time use, only while using the app, or all the time. On Android 12, users can go to the Android Privacy dashboard to review data access by apps for sensitive data permissions.

Android apps in the Play Store must list (“Collected Data”) what data is being stored and for what purpose. In turn, users can “see whether the app needs this data to function or if this data collection is optional.” Developers also have to identify (“Data shared”) whether that information is being communicated with third parties, as well as the security/handling practices (e.g., in-transit data encryption) of their applications and whether end users can easily ask for their data to be deleted.

Other information that can appear in the section includes:

Whether a qualifying app has committed to following Google Play’s Families Policy to protect children in the Play Store better.
Whether the developer has validated their security practices against a global security standard (more specifically, the MASVS).
Whether the developer is collecting data and for what purpose.
Whether the developer is sharing data with third parties.
The app’s security practices, like encryption of data in transit and whether users can ask for data to be deleted.
Whether a qualifying app has committed to following Google Play’s Families Policy to protect children in the Play Store better.
Whether the developer has validated their security practices against a global security standard.

Google’s policy makes it mandatory for developers to give accurate information, and any misinterpretation of data will be treated as a violation of Google Play policy, meaning that an app may be taken down from the Google play store if it does not adequately or accurately disclose the data it is collecting and how it will use it.

The safety section will also show users what data sharing is mandatory and what is optional. App developers must fill out a Data Safety form by going into the app content section in the Google Play Console. Google says even apps that don’t collect user data must submit the form.

Major Privacy Updates of the Week

The governor of California signs Child Privacy Law

California Governor Gavin Newsom on Thursday signed AB 2273, legislation designed to protect children’s online privacy. The California law requires online platforms to consider the interests of children in the design of their services and to provide children with settings that default to privacy. The Age-Appropriate Design Code (AADC) Act forbids online service providers that offer service to children from using the #personalinformation of children in a way that’s detrimental.

Google, Meta fined by South Korea’s privacy watchdog over Privacy violations

South Korea’s #privacy watchdog panel has fined tech firms giants Google and Meta a combined 100 billion won (around $72 million USD) for tracking consumer data without consent. Google received the highest penalty from South Korea’s Personal Information Protection Commission: Compared to the 30.8 billion won ($22 million) fine that Meta is facing, Google owes 69.2 billion won (or roughly $50 million). The fine alleges that both businesses failed to disclose to their customers the specifics of the data collection and analysis procedures that would be used to further understand their customers’ online behaviour.

Confidential NATO documents stolen from Portugal being sold on dark web

A number of classified #NATO documents were leaked as a result of a “prolonged and unprecedented” cyber-attack that was directed at Portugal’s General Staff of the Armed Forces (EMGFA). Later, the documents turned up for sale on a dark web platform. The sale of stolen records was discovered by US intelligence agencies, who then informed the US embassy in Lisbon, which then informed the Portuguese government of the data breach. The hackers had listed for sale on the dark web the weapon blueprints that Ukraine had employed in its struggle with Russia.

Albania Hit by Second Cyberattack Allegedly by Iranian Hackers

Another #cyberattack against the Albanian government, this time knocking border control systems offline, have been attributed to Iranian hackers. The Total Information Management System (TIMS), which aids in keeping track of those entering and leaving the country, was attacked. Iran was also accused for the attack on July 15 that momentarily brought down a number of Albanian government websites and digital services. Following which, Albania cut diplomatic ties with Iran. In reaction to the attack on Albania, the U.S. government announced sanctions on Iran’s intelligence service and its top officials.

Indonesia set to adopt new Privacy Law

The #Personaldata Protection Act, Indonesia’s first data privacy law, is now expected to be passed after numerous delays. The need of the law intensified as the nation has continued to experience a number of cyberattacks; most recently, the National Cyber and Encryption Agency of the nation announced that it is looking into an alleged data leak involving 105 million Indonesians. The government wants to adopt the same data subject rights and rules for handling personal data that the European Union laid up in their GDPR.

WEEKLY PRIVACY NEWSLETTER

Keep up to pace with this high-impact weekly privacy newsletter that
features significant data privacy updates, trends, and tools that can
help to make your life secure & easier every day!

*By clicking on subscribe, I agree to receive communications from Tsaaro

Cookie	Duration	Description
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Analytics" category.
cookielawinfo-checkbox-functional	1 year	The GDPR Cookie Consent plugin sets the cookie to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Necessary" category.
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	The website's WordPress theme uses this cookie. It allows the website owner to implement or change the website's content in real-time.
OptanonConsent	1 year	OneTrust sets this cookie to store details about the site's cookie category and check whether visitors have given or withdrawn consent from the use of each category.

Cookie	Duration	Description
_calendly_session	21 days	Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar.
SRM_B	1 year 24 days	Used by Microsoft Advertising as a unique ID for visitors.

Cookie	Duration	Description
_clck	1 year	Microsoft Clarity sets this cookie to retain the browser's Clarity User ID and settings exclusive to that website. This guarantees that actions taken during subsequent visits to the same website will be linked to the same user ID.
_clsk	1 day	Microsoft Clarity sets this cookie to store and consolidate a user's pageviews into a single session recording.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
CLID	1 year	Microsoft Clarity set this cookie to store information about how visitors interact with the website. The cookie helps to provide an analysis report. The data collection includes the number of visitors, where they visit the website, and the pages visited.
MR	7 days	This cookie, set by Bing, is used to collect user information for analytics purposes.
SM	session	Microsoft Clarity cookie set this cookie for synchronizing the MUID across Microsoft domains.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and verify ads' clicks on the Bing search engine. The cookie helps in reporting and personalization as well.
MUID	1 year 24 days	Bing sets this cookie to recognise unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.

WHY TSAARO CONSULTING

TSAARO LEADERSHIP

Life at TSAARO

Upcoming Events

Want to be a change-maker? Join our team.

EU Representative as a Service