Microsoft hits Google on Android privacy: name, email, and location given to app developers

Whenever you install an app on your Android phone from Google Play, the app developer gets your name, email address, and neighborhood. Microsoft thinks that’s an egregious breach of consumer privacy, and it published a new video today on Scroogled that hits Google hard.

“Most app makers are trustworthy,” the ad says. “However, in the wrong hands, who knows what they’ll do with your info?”

[aditude-amp id="flyingcarpet" targeting='{"env":"staging","page_type":"article","post_id":712872,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"business,dev,mobile,security,","session":"C"}']

The question is a valid one, and Microsoft is quick to mention that downloading and installing apps on Windows Phone does not result in personal information being shared. Apple’s app store handles purchases and downloads the same way, with purchasers’ names, email addresses, and detailed locations remaining private.

The difference appears to be that Google views its Play store as a marketplace rather than a store, in which you are purchasing from the developer, not specifically from Google. In other words, it’s eBay, not Amazon. I’ve asked Google for additional comment.

There’s no question that Microsoft’s attack is a little over the top, paired with a big scary question: “If you can’t trust Google’s app store, how can you trust them for anything?”

But there’s also no question that this is a privacy concern Google should address.

I’ve downloaded many apps from Google Play, and I’ve never once seen or noticed any notification that my personal information would be passed along to the app developers (which could entirely be due to my own lack of attention, or general click-through warnings behavior).

Consumer Watchdog has complained to the FTC about Google’s practice, saying:

“To no one’s surprise … Google has violated the Buzz Order yet again – and this time in a most substantive and egregious manner, by giving personal and closely held information from tens (if not hundreds) of millions of Android users to independent and unrestrained application developers, in contravention of Google’s own stated privacy policy … This represents the fifth significant misuse of confidential user data by Google in the last three years (previously, the “Wi-Spy” scandal, the Google Buzz fiasco, Google’s improper combining and use of personal data, and the Safari Hacking episode).”

I’ll update with Google’s response as I receive it.

[aditude-amp id="medium1" targeting='{"env":"staging","page_type":"article","post_id":712872,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"business,dev,mobile,security,","session":"C"}']