An Australian software developer says Google was providing him with personal information of everyone who purchased his mobile app.
Sound like some sort of glitch? It wasn’t. The customers’ full names, emails, and more were shared in accordance with Google’s existing policies for its app store and its Google Wallet payment service.
SEE ALSO: Android’s Security Nightmare Continues
Critics are flaming the software company for “burying” important privacy policies in fine print, causing the vast majority of Android users to remain unaware of how easily and widely spread their private data is. Google argues the policy is “clearly stated.”
“This is a massive oversight by Google,” wrote developer Dan Nolan in a blog post last week. “Under no circumstances should I be able to get the information of the people who are buying my apps unless they opt into it and it’s made crystal clear to them that I’m getting this information.”
If you bought the app on Google Play (even if you cancelled the order) I have your email address, your suburb, and in many instances your full name. … Let me make this crystal clear: every App purchase you make on Google Play gives the developer your name, suburb and email address with no indication that this information is actually being transferred.
This is different than Apple because Google acts as a marketplace when apps are bought, which means transactions occur between developers and buyers—not Google and buyers. Apple only shares general information about download volume with third-party developers, except in the case of newsstand apps, which can access names and emails but only with the users express permission.