Suzanne Frey, VP, Product, Android Security and Privacy

Here, we’ll give you further details about the security section that’s coming to Google Play. Google knows that security on the Internet comes from products that provide security by default, protect privacy from the source, and give users control over how their data is used. This upcoming security section will give developers an easy way to demonstrate the overall security of their apps, give users a deeper understanding of their privacy and security practices, and explain what data an app may be collecting and why — all before you install it.

All apps in the Google Play store will be required to share information in the security section. We want to give developers enough time to deal with these changes, so we’re here to share more information about the data type definitions, the design of the security section, and the new feature policy requirements. Click here to see more details about the security section that’s coming to Google Play.

Appearance of new safety section (tentative)

▽ Schematic diagram, the details are subject to the actual release

Users will see new summary content in the app’s Store details page, including the developer’s explanation of what data the app collects or shares, and highlighting security details such as:

  • Whether the application has taken security measures, such as data encryption

  • Whether the app follows our family policy

  • Whether the application has been independently verified against global security standards

▽ Schematic diagram, the details are subject to the actual release

Users can click on the summary to view the following details:

  • What types of data does the app collect and share, such as location, contacts, personal information (e.g. name, email address), financial information, etc.
  • How is the data used, such as for application functionality, personalization, and so on
  • Whether data collection is an optional or mandatory prerequisite for using the application

▽ Schematic diagram, the details are subject to the actual release

In designing the data identifiers, we learned that developers are more likely to share their background on data processing, as well as details about whether their app automatically collects data, and whether the collection can be turned off. We also know from our users that they care about whether their data is shared with other companies and why they do so.

The details outlined above are still only directional and are subject to change as we continue to work with developers and design them with the overall developer and user experience in mind.

Policy change in the security section

We’ve released a new user data policy designed to provide users with more transparency and help them make informed judgments about how apps collect, protect, and use their data.

  • All developers must provide a privacy policy. Previously, only apps that collected personal and sensitive user data were required to share privacy policies.

  • The developer is responsible for providing accurate and complete information in the security section, including data used by the application’s third-party development libraries or SDKS.

This applies to all apps released on Google Play, including Google’s own apps.

What can you expect

We want to give developers the time and resources they need to get ready.

▽ Target timetable, the date should be subject to the actual official release

Starting in October, developers will be able to submit information for review in the Google Play Manager. We encourage you to start early in case you encounter problems during the submission and review process. The new security section will be released in Google Play in the first quarter of 2022.

We know that some developers need more time to evaluate their applications and work with multiple teams. Therefore, the deadline for content approval for the security portion of your application is April 2022. New applications or updates to the security section of the application may be rejected if they are not approved.

▽ Schematic diagram, the details are subject to the actual release

If your app information is still not approved when the security section is introduced to users on Google Play in q1 2022, it will say “This information was not provided” in the security section.

How to Be Prepared

  • Visit Play Manager’s help center to learn more about providing app privacy details in Play Manager, including a list of data types and examples.

  • Review how your application collects, protects, and shares data. In particular, check the permissions your application declares and the apis and libraries your application uses. Depending on the circumstances of the review, you may need to indicate the specific types of data your application collects and shares.

In the coming months, we will continue to share more details, including operational guidance and specific timetables.

Thank you for continuing to work with us to build this new feature and make Google Play a safer and more trusted platform for everyone. Watch the PolicyBytes video to learn more about this Google Play policy update.