Enforcing a previously announced new policy, Google Play this week began monitoring and potentially rejecting apps that request phone call logs and SMS permissions if they don’t abide by a set of rules in an effort to protect user privacy.
Only an app that has been selected as a user's default app for making calls or text messages will be able to access call logs and SMS, respectively, Google reported on Oct. 8 on its Developers Blog.
Monitoring reportedly is being handled via a combination of automation and human checking.
Google told developers they must be transparent in how they handle user data (e.g., information collected from or about a user, including device information), in addition to any requirements prescribed by applicable privacy or data protection laws.
Apps that handle sensitive user data now must, according to the new rules:
- Limit collection and use of such data to purposes directly related to providing and improving the features of the app (e.g., user-anticipated functionality that is documented and promoted in the app's description).
- Handle all personal or sensitive user data securely, including transmitting it using modern cryptography (for example, over HTTPS).