An Australian app developer has claimed that he has access to the personal information of users who download his Android app through the Google Play store.
App buyers were not informed that their personal information was being shared with third party app developers. This potentially violates Google’s 2011 privacy settlement as well as its existing policies for its app store and payment service.
According to the Australian developer Dan Nolan, the issue was noticed after logging into his Google Play merchant account to update payment details.
"Each Google Play order is treated as a Google wallet transaction, and as such, software developers get all of the information (sans exact address) for an order of an app that they would get from the order of something physical," Nolan said.
Google Play’s terms of service says that users have to provide information about themselves, including their name, address, and billing details to access certain services.
"With the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase," Nolan said.
"Under no circumstances should I be able to get the information of the people who are buying my apps unless they opt into it and it’s made crystal clear to them that I’m getting this information."
Describing the issue as a massive oversight by Google, Nolan has reached out to Google to fix the issue immediately.