Google is just not having a good week. Hot on the heels of Microsoft's new "Scroogled" ad campaign, which plays up the fact that Google's Gmail service shows you ads based on the emails you receive, now Australian developer Dan Nolan is alleging a "Massive Google Play Privacy Issue."
According to Nolan, this isn't a malware scare, like Google's version of the App Store has been hit with several times before. Rather, it appears to be a Google Play policy that app developers like Nolan are given "your email address, your suburb [a geographic subdivision in Australia], and in many instances your full name," if you buy any one of their apps.
What could an app developer do with this information?
According to Nolan, "I could track down and harass users who left negative reviews or refunded the app purchase," using your full name and rough geographic location (the personal info he saw did not include exact street addresses).
Nolan also noted that instead of only showing users' email addresses if they had opted into receiving marketing emails from developers, it just showed "every user's email address," with a note indicating whether or not they wanted to receive email newsletters and the like. Nolan sarcastically added "because of course scrupulous developers would always obey that [note]."
Is this, in fact, going on?
ZDNet's Liam Tung investigated Google's Terms of Service. He found that while they don't mention anything about giving your personal information away to app developers, they do say your email and "address details" can be shared with magazine publishers.
So far neither Google nor other Android Developers have responded to ZDNet's requests for comment.
Is there any relation to Google's use of personal data to show targeted ads?
In the broader sense, Google makes its money by showing targeted ads, which is one reason why it offers so many free services to people. The more emails you write, videos you share, and web searches you make, the better Google knows which ads to show you, including next to your personal emails. It's unclear why Google would be showing such gathered information to Android app developers, though, if it is doing so at all (or doing so intentionally).
What should Android device owners do to avoid a breach of privacy?
If you don't trust Google with your data, there are options in your Google account's settings that let you opt out of certain data gathering activities. There are also non-Google alternatives to many Android apps; the Amazon Appstore for Android, for instance, carries many of the same games and apps as on Google Play.
Jared Spurbeck is an open-source software enthusiast, who uses an Android phone and an Ubuntu laptop PC. He has been writing about technology and electronics since 2008.
- Technology & Electronics