Every time you purchase an app from Google Play, Google sends your email address, your suburb, and in many cases your full name to the app’s developer. That’s according to Dan, the creator of the Paul Keating Insult Generator for Android, who logged into his Google Play account this week to discover he had personal details for everyone who had purchased his app.
“I jumped over to the ‘merchant account’ section to see the orders and realised one absolutely insane thing,” Dan writes in a post on his blog, Internet Hugbox. “If you bought the app on Google Play (even if you cancelled the order) I have your email address, your suburb, and in many instances your full name.”
Every purchase you make on Google Play is treated as a Google Wallet transaction, and like any other merchant, Android developers receive certain personal details when you buy from them — even though they don’t need them. Google tells them not to use these details for “email marketing,” Dan says, but there’s nothing to prevent that from happening.
“Let me make this crystal clear, every App purchase you make on Google Play gives the developer your name, suburb and email address with no indication that this information is actually being transferred,” Dan continues. “With the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase.”
As Dan rightly notes, Android developers should not receive users’ personal data when they purchase an app — especially not without their consent first. But Google doesn’t give users the opportunity to opt out of this — it just happens, whether you like it or not.
Not only is this unnecessary, but it’s a massive privacy issue. Developers don’t need this information from us, and so there’s no need for Google to send it to them. And going it anyway without our permission is unacceptable.
Hopefully Google will do something about this — and soon. How do you feel about it? Let us know in the comments.
Source: Internet Hugbox