In May last year, Google introduced a new data security section for apps published on the Play Store. A feature that has been appearing in real app lists since April this year and will soon (July 20th) be mandatory for all apps. Now data security information sections are appearing in the actual live app listings in the store and there is something to worry about. So the new info window seems to replace the app permissions overview that all apps in the Play Store used to have.
If that sounds a bit confusing, you should look into it. Traditionally, every app that appears on the Play Store has an overview of the Android operating system permissions that it requests from the system. Things ranging from harmless and obvious things like network access to potentially much more problematic and sensitive things like accessing contacts, the phone's file system, or location data. Google automatically generates this list by scanning a developer's app files as they submit them to the store. Therefore, shall not intentionally or unintentionally omit anything or disclose it to the user. On the other hand, the new Data Security section is completely filled out by the developer. Google has an interface in its Play Store developer console that lists a variety of device and personal data types that the developer must review and disclose if and how their app handles them. For example, the questionnaire could ask whether, for example, our GSM Arena app accesses your location and personal data (which, by the way, it does not) and if so, how this data is handled and whether it is shared with third parties. This is left entirely to the “honor system” so to speak, with Google simply outlining in its policies that providing false information may result in some form of punishment.
While we're all in favor of the new data security information, it's not hard to see why putting it on the Play Store listings rather than the app permissions overview isn't an ideal course of action. That seems to be the case at the moment. Of course, there is still time to adjust this behavior and leave both dates in place. Or maybe we're wrong here and users don't care much about permissions? Tell us what you think about it in the comments.