In July 2021, Google announced that it would update the data safety section applicable to apps on their Play Store. The company stated that these policies would come into effect in late April 2022, and it followed through on that declaration. Last month, numerous apps were removed from the Play Store for breaching Google’s updated data privacy and data processing policies.
After discovering that many publishers needed more time to adapt their apps to satisfy the new requirements, Google extended the deadline for compliance to July 20th instead. Therefore, if you intend to keep your app live on Play Store past that date, you must acquaint yourself with these policies and undertake measures to ensure compliance.
Developers must clarify what kind of user data their apps collect and elaborate on the measures that they have implemented to safeguard this data through protective mechanisms like encryption. This also applies to data that is collected or shared via third-party libraries or SDKs that are embedded within their apps. As such, it is important to evaluate your SDK providers’ published data safety policies to make sure they comply with Google’s new requirements. Recently, Google removed dozens of apps for hosting an SDK that collected sensitive data without user consent.
All this information can be provided on a form in the new data safety section within the Play Store Console. After submitting this form, your app information will undergo an app review process by Google. After verification, this information will be showcased on the store listing so that Google Play users are made aware of your data privacy and data sharing practices prior to downloading your app.
These policy changes apply to all apps on Google Play – including those on production, closed, or open testing tracks, as well as apps that do not collect user data. If Google discovers falsified information on your form, it will execute the required enforcement action (which includes removing the app from the platform and potentially banning the app for a specified time period).
The app’s user consent page must:
The app’s privacy policy must:
Modifying your app to make sure it satisfies the updated data safety framework – by yourself – is certainly a daunting task.
However, you do not have to do this alone!
To promote data compliance and improve transparency between publishers, users, and vendors in the data economy, we created Quadrant’s Consent Management Platform (QCMP). QCMP comes in the form of a lightweight SDK that can be integrated with only a few lines of code and fulfils all the conditions that must be met for in-app disclosure and user consent pages.
QCMP also offers flexibility by allowing publishers to make amendments to consent forms without releasing app updates. It even has customised options that allow users to opt in or out of sharing data with specific 3rd party partners.
Google is a supporter of the IAB’s Transparency & Consent Framework (TCF) v2.0. Since IAB approves of QCMP – which evolves alongside data privacy regulations - publishers can benefit from the platform by keeping their apps safe. Moreover, apps that rely on ads-based monetization can attract top-tier advertisers with IAB approval.
QCMP stores all consent records on an immutable blockchain – which is why you’ll be ready if and when regulators audit your app.
To learn more about how to leverage QCMP for ethically monetizing user data, visit our knowledge base by clicking here.
Alternatively, fill in the form below and one of our consent management experts will get in touch with you.