Reports circulated on Wednesday surrounding a possible Google privacy issue when an app developer in Australia discovered he had access to the personal information of users who downloaded his Android app in Google Play.
Developer Dan Nolan wrote a blog post describing how he found a treasure trove of personal information such as email and mailing addresses from users who downloaded his app from Google Play.
Nolan's concerns highlight something that has been part of Google's Terms of Service (ToS) since the beginning. Both app developers and consumers agree to the sharing of personal information by accepting the ToS.
"If you bought the app on Google Play ? even if you cancelled the order ? I have your email address, your suburb and in many instances, your full name," Nolan wrote. "This is a massive oversight by Google. Under no circumstances should I be able to get the information of the people who are buying my apps unless they opt into it and it?s made crystal clear to them that I?m getting this information."
Nolan said the information would allow developers to "track down and harass users who left negative reviews or refunded the app purchase."
When someone purchases an app via Google Play, it is made through Google Wallet and the payment goes directly to the developer. When users pay the developer, certain information can be sent, ostensibly for billing and taxing purposes. The developer agrees to not use this information for spam or beyond certain terms when they sign up and agree to Terms of Service.
Similarly, when consumers download certain apps, they also agree to terms and are told they may be required to share this type of information.
For iOS, Apple is the merchant of record ? not the developers, as with Google Play ? when users purchase apps via the Apple App Store. As such, the same kind of automatic sharing of personal information doesn't happen.
"This is an interesting philosophical difference and users who buy something with Google Play are probably assuming they are doing business with Google ? not the developer," Chester Wisniewski, senior security advisor at Sophos, told Mashable.
In addition, Google Play has had a track record for having more malicious apps than the Apple App Store. Some of which have phished user information to steal money and identities.
"While I wouldn't panic, it's probably something Google should revisit," Wisniewski said. "A cybercriminal could create an app just to get data, and that is what Google should want to avoid."
Are you concerned about the sharing of your personal information on Google Play? Let us know in the comments.
Image via Google Play
Linda McMahon Voting Results 2012 pbs ron paul Cnn Electoral Map roseanne barr guy fawkes
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.