What would you say if you knew a developer had record of your full name, your general vicinity (like your city and province) and email address each time you purchased an app from them? That’s exactly what seems to be happening in the Google Play Store according to one developer. Developer Dan Nolan — a Sydney, Australia native — was shocked to learn that he was getting this information about each and every user who purchased his app.
Nolan says he doesn’t feel comfortable with the information, stating: “with the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase.” We imagine the biggest of his worries doesn’t have quite that much to do with any worries about harassment, though. What if a malicious developer found a flaw in the way this information is transferred to the developer and created an app to intercept that?
Furthermore, there is concern that users nor developers are aware that this information is being exchanged before it actually happens. The fact that neither side can opt-out of receiving this information is more troubling, says Nolan. The developer says the information being given up is quite robust and overkill compared to what Apple gives you, which is a simple report of how much you’ve gathered in sales and how those sales stack up from one country to the next.
Google didn’t quite comment on these claims, but interestingly enough the Mountain View company contacted News.com.au to clarify that this wasn’t a “flaw,” but a feature, and that the outlet should change its title and leading paragraph accordingly. Nolan speculates that this behavior exists because Google Play orders are treated just like regular Google Wallet/Checkout orders, and those particular sales sometimes require that information for shipping purposes.
What’s my take on it? Well, it’s quite simple: what’s the big deal? Folks have no problem submitting their full name, email address, billing and shipping addresses and more information when ordering physical items, so why shiver in fear when an app developer has information to your name, your general location, and your email address?
Perhaps it’s a case of only wanting merchants to have “need-to-know” information. Perhaps users fear irresponsible developers will abuse that information or sell it to a third-party marketer. Those are very good points alone, but are they enough to be up-in-arms about? I suppose that’s up to each individual to figure out for themselves, but I personally feel like there’s nothing to worry about.
That said, I understand a user wanting to at least be told that this information is being sent, and also wanting a way to opt-in or opt-out of that. Google obviously felt it wasn’t that big of an issue when it implemented the system, but perhaps it’s something for the company to revisit to avoid more hot water in the risky and uncertain waters of information privacy in this digital day and age.
What about you? Do you fear developers have access to too much information about the people who are buying apps from them, or are people overreacting to a non-issue? The comments section is always open to any and all healthy discussion, so keep it light and respectful, and let your thoughts be heard below!
[Thanks to everyone who sent this in!]