Google has recently announced a major change in its personal data protection policy. It affects applications developed for mobile devices using its Android operating system. From now on, these applications will be obliged to ask for the user’s authorization if they are collecting personal data without their explicit permission. In this way, the giant Google takes another step forward in the law on the protection of personal data.
Until this change it was very common for applications running on Android (and other operating systems) to use personal user information such as phone number, location, email, MAC address or device model. To function, these applications simply requested prior permission from the user, but did not inform the user of each delivery of personal information. From now on, they will not be able to do so without informing you in advance and without showing you a form in which you express your consent.
This new development is very relevant, since it affects the development of applications for both end users and companies. It emphasizes user security and nips in the bud access to personal information that is often at risk. Now, with this extension of its security policy, Google wants to plug any gaps in the trust people have in its products.
Increased privacy of personal data
The news has been well received by users, who demanded from Google greater security in the use of their devices and a reinforcement in the privacy of personal data, some of which are particularly sensitive, such as location. With this modification, Google is extending its Safe Browsing program to the growing field of mobile apps, where users have had little control over what the technology did without their consent. Safe Browsing is responsible for ensuring that the Internet browser does not give out personal information to the websites visited without the users’ consent. This same idea is implemented for applications, a change that will benefit the more than 2 billion Android users.
Users that 64 billion new apps were downloaded in 2017, 16.7% more than last year. It is therefore not surprising that changes in data protection policy have been a priority this year. Especially considering that mobile devices are already the main means of accessing the Internet.
Changes in mobile application development
Google announced that all apps that are collecting personal data without your consent had to be modified by January 30, 2018. Thereafter, its app review services will verify whether these criteria are met and, those that do not comply, may be removed from Google’s app stores and other similar download services.
This will lead to significant changes in the approach to application development. Both new and existing companies will have to take these specifications into account and orchestrate mechanisms to protect the security and privacy of consumers. In general, developers should create services that, when faced with the need to collect and deliver personal data and information, notify the user, warn them of the privacy policy that will be applied to that information and, finally, ask for their consent to proceed with the process.
Any function of the application is subject to these new conditions. Even bug reports will not get rid of them.
Lists of installed packages that are not related to the referenced application may not be sent without the user being clearly informed and giving explicit consent.
In addition, the warnings that the user will receive must be displayed whenever there is a collection and delivery of data, even if the data will not be used for anything in particular and simply serve to make the app work. In any case, the user must receive clear and precise notice of the use that will be made of his personal information, and will always have the possibility of deciding whether or not to authorize the use.
With these changes, not only the security of private users is improved, but also that of company employees who use mobility solutions based on an Android operating system on a daily basis. It is also important for them to ensure that no one has improper access to data such as their location, the phone number they use or the model of their device.
Google officials believe that this effort improves security and ensures the protection of personal data, but also helps application developers to generate better services for the public and to create a more stable framework of trust with their customers.
