Google Play privacy SNAFU sends app buyers' details to devs
Australian coder says if you buy his Android app he'll know where you live
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Dan Nolan, an Australian software developer, has claimed that Google Play sends those who sell apps in the online bazaar personal details of app buyers.
Nolan rose to notoriety late in 2012 by launching "The Paul Keating Insult Generator". Keating was Prime Minister of Australia between 1991 and 1996 and had a famously acid tongue. Keating described one political opponent as an "intellectual rust bucket" and laughed off criticism from another as "like being flogged with a warm lettuce."
Nolan's collection of Keating's best insults became Australia's best-selling iOS app. He's since coded an Android version, and when checking to see how well it has done made the startling discovery that the "merchant account" feature lets him see personal details about those who have bought the app.
"Let me make this crystal clear," he has blogged, "every App purchase you make on Google Play gives the developer your name, suburb and email address with no indication that this information is actually being transferred."
"With the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase," Nolan says.
Nolan's not provided any screenshots or other substantiations for his claim.
The Register requested comment on Nolan's report from Google, but the ad giant and self-driving car pioneer has not responded at the time of writing. ®
COMMENTS
So?
If I sell something through PayPal, physical or intangible, I get details of the buyer, e.g. the email address and name. How exactly is this different?
Re: I can see the use for some of the info
I depends a bit on what you have agreed to. If you use Google you have more or less agreed to let your trousers down anyway and Google will continue to collect information as long as they can get away with it. I suspect this will come to a somewhat abrupt end by means of a massive EU fine, but that will take a while (the holdup is the discussion about their current privacy policy - there appear to be complaints backed up behind that. BTW, check out the 27 signatures in that letter).
A financial transaction like a payment always comes with personal details because it's part of the verification process, but the seller should not be party to that data because there is no valid reason for them to have it (the Google shop is supposed to handle this) - with one exception: they need some handle on who is entitled to support. IMHO, the Google ID or email address would suffice for this and is probably part of the Google T&Cs you signed for, but the Google Wallet privacy policy states the following:
Information we share
We will only share your personal information with other companies or individuals outside of Google in the following circumstances:
As permitted under the Google Privacy Policy.
As necessary to process your transaction and maintain your account.
To complete your registration for a service provided by a third party.
It's a bit early - I would wait for the full facts before making any judgement. Having said that, with most companies your personal details are only one coding error away from disclosure, this is also why most of them are so easy to hack. To do it right you would sling transaction data offline into a one-way storage container as soon as practical via what is called an information diode. After all, you only need that data in case of query and for admin - there is no need for this to remain on the public side of your infrastructure. The prime reason few bother is because it costs money (and customer's rights be damned).
BTW, you may want to look at Startpage as well for your search needs. It offers proxied links so Google doesn't even see which results you actually use (which is normally a leak).
As for Android being a [censored] for privacy, yup. In iOS I can install an App without giving it permissions at all, which would stop it from working, but it would install. I can also retrospectively edit those permissions. This could lead to silly situations such as TomTom not being able to work because I denied it permission to see GPS data, but the point is that *I* decide that, and can adjust to changing circumstances. In Android, not only do I have to give permissions upfront, I am coerced into doing so because the App would otherwise simply not install. Once installed, I have zero control over what the App does. Interestingly, I think coercion for personal data is actually illegal under EU law (I know the UK has a clause floating around somewhere that a user's choice must be a genuine choice rather than coercion), so we may have yet another problem Google will have to deal with and which could declare all versions of Android which use this model as illegal (that could get interesting - must discuss with regulators..).
Having said that, the about coercion rule actually declares some iOS apps illegal as well, if I recall correctly, WhatsApp refuses to work on iOS until it is granted full access to your contacts. However, if you are concerned about privacy, WhatsApp should be about the very last App you would install anyway, as well as Viber.
Last but not least, if you recall the Streetview saga, you can remember that they said it was "an accident". Here's is another reason why you may want to avoid Android: read item number 47 of this officially submitted response. If it was an "accident", then why continue the activity on another platform?
Re: Privacy, schmivacy
And Doozerboy is your real name, presumably?
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
