Google recently announced several key changes to the upcoming “Data safety form” for Google Play, including:
- Required Timeline Extended to Submit Data safety form: Google extended the deadline from April 2022 to July 2022. Specifically, according to Google:
- July 20, 2022: All new apps and updates to existing apps must include a Data safety form. If an app fails to do so, then: (1) new app submissions and app updates will not be published; (2) the app’s Data safety section will say, “No data available” and (3) the developer will receive an email noting that there are issues that need to be addressed.
- After July 20, 2022: Google may bring additional enforcement action against the developer in the future, such as removing the app from the Google Play store.
- Data Type Updates:
- “Personal identifiers” was renamed to “User IDs.”
- “Credit card, debit card, or bank account number” was renamed to “user payment info.”
- “User Salary or debts” was listed as an example of “Other financial info.”
- “Page views and taps in app” was renamed to “App interactions” and includes the number of times a user visits a page or taps a section.
- FAQs Updates:
- Additional FAQ topics were added to cover off “account management, user-initiated actions, use of payment platforms, and encryption.”
For a full list of the changes, please visit Google’s “Change Log” at the bottom of this link here.
Don’t Just Repurpose iOS Labels:
As a reminder, organizations should be wary of simply repurposing their iOS nutrition labels for their Data safety form. While the iOS labels may provide a starting baseline, Android and iOS apps behave differently and there are several key distinctions between what the Data safety form and iOS nutrition labels require.
In fact, Google states, “The Data safety form will ask for additional and different information that you may not have used previously, so we want you to expect that this will still take effort for your team. The taxonomy and framework of the Data safety section on Google Play may differ materially from those used in other app stores.”
Next Steps for Organizations – Aligning Public Facing Disclosures:
Legal and development teams should continue to work together to align the Data safety form and iOS nutrition labels with other public-facing disclosures, such as the organization’s privacy policy. Specifically, it is important both the legal and dev teams collaborate to understand and accurately represent how their apps are behaving. This is especially true considering the dev team typically publishes the mobile app store disclosures, and the legal team typically drafts the privacy policy.
With NT Analyzer’s downloadable report and designated module for Android (similar to the designated iOS module for iOS apps), the dev and legal teams will have the information they need to meet their Data safety form requirements and make accurate disclosures and representations about their apps. The report includes, but is not limited to:
- Identifying all parties collecting data (as well as which SDKs are integrated into the app);
- Identifying all data types, including personal information/data (at both a technical – e.g., hashed, encoded, fingerprinting, GAID, etc. – and traditional level); and
- Determining how each data type is used (e.g., App Functionality and/or Personalization).
Ask us today how we can help your organization prepare for the Data safety form and how NT Analyzer can help.
