Report: developers may get record of your name, location and email address each time you buy an app

What would you say if you knew a developer had record of your full name, your general vicinity (like your city and province) and email address each time you purchased an app from them? That’s exactly what seems to be happening in the Google Play Store according to one developer. Developer Dan Nolan — a Sydney, Australia native — was shocked to learn that he was getting this information about each and every user who purchased his app.

Nolan says he doesn’t feel comfortable with the information, stating: “with the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase.” We imagine the biggest of his worries doesn’t have quite that much to do with any worries about harassment, though. What if a malicious developer found a flaw in the way this information is transferred to the developer and created an app to intercept that?

Furthermore, there is concern that users nor developers are aware that this information is being exchanged before it actually happens.  The fact that neither side can opt-out of receiving this information is more troubling, says Nolan. The developer says the information being given up is quite robust and overkill compared to what Apple gives you, which is a simple report of how much you’ve gathered in sales and how those sales stack up from one country to the next.

Google didn’t quite comment on these claims, but interestingly enough the Mountain View company contacted News.com.au to clarify that this wasn’t a “flaw,” but a feature, and that the outlet should change its title and leading paragraph accordingly. Nolan speculates that this behavior exists because Google Play orders are treated just like regular Google Wallet/Checkout orders, and those particular sales sometimes require that information for shipping purposes.

 TMI?

What’s my take on it? Well, it’s quite simple: what’s the big deal? Folks have no problem submitting their full name, email address, billing and shipping addresses and more information when ordering physical items, so why shiver in fear when an app developer has information to your name, your general location, and your email address?

Perhaps it’s a case of only wanting merchants to have “need-to-know” information. Perhaps users fear irresponsible developers will abuse that information or sell it to a third-party marketer. Those are very good points alone, but are they enough to be up-in-arms about? I suppose that’s up to each individual to figure out for themselves, but I personally feel like there’s nothing to worry about.

That said, I understand a user wanting to at least be told that this information is being sent, and also wanting a way to opt-in or opt-out of that. Google obviously felt it wasn’t that big of an issue when it implemented the system, but perhaps it’s something for the company to revisit to avoid more hot water in the risky and uncertain waters of information privacy in this digital day and age.

What about you? Do you fear developers have access to too much information about the people who are buying apps from them, or are people overreacting to a non-issue? The comments section is always open to any and all healthy discussion, so keep it light and respectful, and let your thoughts be heard below!

[Thanks to everyone who sent this in!]

Continue reading:




  • Pancake345

    Its not that ‘they may’ they do. I get a name, email address, and partial address for everyone who buys my apps. This is typical of any merchant account. Quite often the name is not a real name, this is something the customer can choose.

    • aholsteinson

      Exactly, I don’t really see the problem or why this developer is raising a stink over this.

    • Unorthodox

      No it’s not. Ever wondered will your credit card number work if you put in a fake name or address?

      • Pancake345

        Credit card names & numbers do not necessarily correlate with the display name on the Order Details column of the Order Inbox. I get all sorts of funny names, first names only, ect., but most often the full name of the customer (first and last). One of my recent purchases was from “Valued Coustomer” notice that the last name is spelled incorrectly. I’ve been selling many apps for a long time now and look at my sales every day.

  • http://www.AndroidAllies.com/ Max M.

    “Shocked to learn”

    Yeah, that’s what happens when you don’t read.

    Also, this is already known. Just because some guy found out now doesn’t mean it’s news.

  • ArmageddonX

    To be honest, I don’t really care.

  • Fahim Yaqoob

    this is not that scary.

  • Da_James

    Well, I’ve received a “Sorry to see you’ve uninstalled our app” mail, “Tell us why you did that” and I’m still waiting about taking the decision to complaining to Google about this…

    • https://market.android.com/developer?pub=Ender's+Games+and+Apps Brian Ouellette

      I sent emails to my customers asking why they uninstalled the app. I do this because I want to know how to make it better.

    • Michael Lee

      Your choice. In the merchant console, it says something “Can contact commercially”, and it’s always set to a default of “no”. So the developers shouldn’t email you if you haven’t manually set it to allow.

  • https://plus.google.com/108596272537415356460/posts Jason Farrell

    This is such a non-story. Buying just about ANYTHING requires that you give up some “scary” personal information.

    If you WANT to be anonymous, then have fun offline by paying in cash (while wearing a skimask), or using only pre-paid giftcards + fake names online and bouncing through proxies.

    • paxmos

      Idiots like you miss the point entirely. If I buy from Amazon, I know who I am dealing with. When I buy from play store, I am under the impression that I am buying from Goo gel not joe shmook somewhere in a corner in Russia and heck I don’t want that dude or dudette to have my information. It is bad enough that Goo gel collects all your information when you use their services, way bad that it sends that information to the developers. Had I known this, I would have never bought or downloaded anything from Play Store. What is Goo gel thinking? I am so freaking upset. What the hell does the developer need my name and my email address for?, all they need is the $ amount from the sale of their product….Fuck you Goo gel, you say this is a feature?, what kind of feature is this…giving my information to possible rogue developers as if Play Store does not have enough of them penetrated in the store any way…..Fuck you Goo gel

      • https://plus.google.com/108596272537415356460/posts Jason Farrell

        RAWR GOO GEL

  • http://twitter.com/PhaseBurn PhaseBurn

    Any time you buy anything from Amazon (including android apps), the dev gets the same info. There is no “anonymous buying” option anywhere any more if you use any form of payment besides plain ol’ cash.

  • No_Nickname90

    This is great news. I didn’t know this. This could possibly prove that you uninstalled an app and want your in app purchase back when you buy a new phone. It’s proof.

    • shonangreg

      Aren’t you assuming that an uninstallation also results in Google Play sending a notification to the developer?

      • No_Nickname90

        Hmm… That is true.

  • https://plus.google.com/108596272537415356460/posts Jason Farrell

    FWIW, I’ve attached a screenshot below of an app of mine showing what every app dev sees (with private bits blurred out) when you buy their app. The google checkout merchant detailed-transaction page has name, email, and an incomplete address, OH MY

    • https://market.android.com/developer?pub=Ender's+Games+and+Apps Brian Ouellette

      Thank you Jason!
      Pretty much a name, email, and zip code are useful for demographics and getting put on a mailing list. Any good company will use a mailing list that allows them to unsubscribe.

  • kev2684

    harassing because a user left a negative review for your app? ain’t nobody got time fo’ dat!

  • https://market.android.com/developer?pub=Ender's+Games+and+Apps Brian Ouellette

    I have known about my customers email, zip, and name since I started selling Apps. I even made a map of zip codes that downloaded my app. Once in a while I would email my customers that returned the app within two minutes to ask why they did it.
    I mean, come on. Two minutes to decide my app sucks? You can’t even setup the app in two minutes unless you know the app.

  • meyerweb

    Do I fear it? Not really. Do I think Google should disclose what information it’s collecting and passing on? Abso-damn-lutely. It’s just another example of Google’s arrogance. They’ve become nearly indistinquishable, in that respect, from Apple. “We know what’s best for you. Trust us.”

  • http://profiles.yahoo.com/u/5OT7V6QFBWBYH35WBE6VGTLBBY nuffinn

    Funny…I get the same info about the developer….except a real name. Whats the problem again?

  • jackdubl

    Well, I use my Gmail account strictly for play purchases, pay pal, and amazon. All the universal junk goes to my Yahoo account. So, no, I am not happy my Gmail address goes out with app purchases. I’ll be more unhappy if I start getting junk mail there.

  • Fred

    He’s upset that its more than “what Apple gives you”. They’re what you call middlemen…

  • Matt

    I was surprised one day when I got an email from a developer with my name and thanking me for purchasing their app. It’s not a big deal though.

  • JustAnotherG

    My names on my reviews for the world to see now, what’s the big deal with the dev having it?

  • mirage03

    A psycho hacker can know much more than these infos, he can invade your privacy and do horrible stuffs.. That’s what we should worry about.

  • http://profiles.google.com/joshdobbs Josh Dobbs

    Quentyn what the heck is going on with you? I used to love reading your articles but recently it’s as if your just phoning it in. This is nothing new! This info has been provided to every Android App publisher that sells apps. Also a few weeks ago you reported that all developers can now reply to comments on google play…none of my dev accounts have this ability yet and you refuse to reply to my comments on your posts.

  • Michael Lee

    You could’ve just asked me. I get all kinds of people buying my app. I thought it was a bit creepy seeing everyone’s names at first, too. But to be honest, it’s not a big deal at all.

  • JonBonazza

    First of all, developers had been requesting this information for a very long time, and now that it is there, some of them dont want it?. Also, even before this info was made available in this way, every successful app had some sort of tracking system built in that would send user information to the devs. Its still like this on both android and iphone. Nothing new here.

  • kenyee

    Wish we got that info for cancelled orders. Every time I release a new version, i get a series of cancellations… I suspect pirates….