Google is upping the privacy ante for its Play Store with new rules that mandate Android app developers provide straightforward options for users to delete accounts and associated data.
The measure will require app developers to provide in-app deletion options as well as giving users an ability to manage app data from a webpage.
"For apps that enable app account creation, developers will soon need to provide an option to initiate account and data deletion from within the app and online," said Bethel Otuteye, senior director of product management for Android App Safety, in a Wednesday blog post.
The move comes as Apple, Google and mobile app developers come under greater scrutiny by lawmakers and privacy advocates concerned over app makers overstepping their bounds and profiling, collecting personal user data and tracking mobile phone users without explicit consent.
Apple implemented a similar policy for developers of apps on its’ App Store on June 30, 2022. Unlike Google, Apple only requires developers to provide an in-app path for account deletion and does not mandate a web-based option for users to delete their accounts.
Otuteye's post also coincides with related measures by Google announced Thursday to restrict financial loan application apps available on Google Play Store from accessing mobile phone photos, videos, contacts, geolocation data and call logs. That policy takes effect on May 31, 2023.
Changes will take time
The policy impacts all apps globally and the new rules will be begin to be enforced early 2024, Otuteye said. First steps, she said, will require developers to fill out a data deletion form provided by Google by December 7. Developer appeals more time can extend the deadline to May 31, 2024.
Currently Google only requires app developers to give users the option to request their data to be deleted.
Under the new rules, developers need to make account deletion and data removal easily discoverable within their apps, while also providing a web link resource for users to delete their account and associated data.
Pressured to change
Tech giants Google and Apple have faced increasing scrutiny over the handling of user data. In October, more than 400 malicious apps took advantage of the insufficient security checks of Google Play and App Store to steal users' personal information.
In February, many popular Android apps, including TikTok and Facebook, on the Play Store were found to have inconsistency between their private policies compared to what was listed on Google Play’s data safety section, according to research by Mozilla Foundation.
Google cracks privacy whip
New Google developer rules require companies to delete all data associated with a user’s account. In the case where developers need to keep certain data for specific reasons, such as security or regulatory compliance, they must clearly disclose the data retention practices to users.
"Temporary account deactivation, disabling, or 'freezing' the app account does not qualify as account deletion," Google stated.
Users will also have the option to selectively delete portions of their data, such as activity history, images and videos.
"By creating a more intuitive experience with this policy, we hope to better educate our shared users on data controls available to them and create greater trust in your apps and in Google Play more broadly," Otuteye said.