Since it appears to be by design, it would not be called a flaw, but a developer in Australia has found that he is not very comfortable being given all this information when someone downloads his app.
What Dan Nolan does not know is if this information is forwarded by Google to developers of free apps, but when he logged into his Google Play account to update payment details for his famed Australian app, “Paul Keating Insult Generator” (the iOS version of which made it to number 1 in the Australian App Store), he was surprised when he noticed that the merchant section of his account had the full name, address and email of every person that bought his app. Moreover, it even had the information of people that started to buy the app, but canceled the purchase.
Nolan believes that every person that purchased an app in Google Play is affected by this. Google’s terms of service clearly state that personal information is required to be provided, and that it will share address and personal information if you purchase a subscription to a magazine. That is understood since purchases involve being able to verify billing information and require sending a product to your home or place of business. Google’s privacy policy says what information is collected but does not detail how personal information is shared with developers after an app purchase. In fact, the only parts of personal data that are stated to require an opt-in are “sensitive personal information.”
This is the summary of activity page a developer sees. Image from DroidLife
Google’s definition of sensitive personal information is “a particular category of personal information relating to confidential medical facts, racial or ethnic origins, political or religious beliefs or sexuality.” Nolan says it is a sharp contrast from what he received from Apple for his iOS app, “just a quantity of sales in a Country and then a cheque three months later.”
Recommended Stories
For now, know that every time you purchase an app on Google Play, the developer of that app will receive your name (understandable), address (not understandable) and email (understandable). Google’s “Business and Program Policies” only state, “Don't publish other people's private and confidential information, such as credit card numbers, Social Security Numbers, driver's and other license numbers, or any other information that is not publicly accessible.”
However, Google’s payment terms for those that accept payments through Google Payment Corporation, specifically prohibit the seller from using a buyer’s information obtained through GPC. A developer may use any “approved” payment processor, but GPC is the “checkout” summary for the developer. When you see the checkout summaries, you can clearly see that it is a system designed for physical goods and services. Google’s Developer Distribution Policy does not explicitly state that personally identifiable information is shared with the developer and only has two ambiguous parts to section 9 of the distributor agreement. It could be argued that an enterprising developer will find a way to monetize your information beyond the app purchase or, just a feasible, the distribution of information increases the risk of your personal information falling into the wrong hands.
This is the order detail page for an app purchase. Image from DroidLife
While Google’s privacy policy has been the subject of much debate for some time, right or wrong, we contend that this specific practice is not an indicator of being a good steward with personal information. If physical goods were being ordered that is one thing, but since Google is the mediator over these Google Wallet transactions, it is Google that “needs” all the information.
What does this all mean to you? Everything done online has an inherent risk to it and we do not believe this is the end of the world, but lately it seems that Google is falling into a perpetual loop of privacy concerns.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: