Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online
Google enforced a new data wipe policy for Android apps that allows account creation as well as offers users a setting to delete their accounts in an effort to provide more transparency and control over their data.
“For apps that allow app account creation, the developer should immediately provide the option to initiate account and data deletion from within the app and online,” Bethel Otuteye, senior director of product management for Android Application Security, said. said.
“These web terms, which you will link to at Data security formit’s important that users can request account and data deletion without having to reinstall the app.”
The goal, says the search giant, is to have an “easy-to-find option” to initiate the app account deletion process from both within the app and outside of it.
To do so, developers must provide users with in-app paths and web link resources to request deletion of app accounts and associated data. If a user submits such a request, the application developer is required to delete all data associated with the account.
Additionally, users may be provided with the alternative of selectively deleting only some data (e.g., activity history, images, or videos) instead of deleting their account entirely.
Developers who wish to retain certain data for legitimate reasons such as security, fraud prevention, or regulatory compliance are required to disclose such data retention practices upfront.
“Temporary account deactivation, disabling, or app account ‘freezing’ does not qualify as account deletion,” Google explicitly stated.
New policies are expected apply early next year, with developers having until December 7, 2023, to submit answers to new Data deletion questions in the app’s Data Security form. Developers can apply for extensions until May 31, 2024.
Learn to Secure Identity Perimeter – A Proven Strategy
Improve your business security with our upcoming cybersecurity webinar led by our experts: Explore the Identity Perimeter strategy!
The development also put Android in line with Apple’s iOS and iPadOS operating systems, which instituted a similar policy starting June 30, 2022. However, it does not require that users can also delete their account via the web.
Nonetheless, it remains to be seen whether enforcement action will be taken if the developer fails to follow the rules. Earlier this year, Mozilla called out Google after discovering serious discrepancies between the privacy policies of 20 of the most popular free apps and their self-reported information on the Play Store.
