December 8, 2021

Volume XI, Number 342

Advertisement
Advertisement

December 07, 2021

Subscribe to Latest Legal News and Analysis

December 06, 2021

Subscribe to Latest Legal News and Analysis

Google’s Privacy “Data Safety” Form Is Now Available

Google Play’s “data safety form” is now live. Developers can now submit the form for early review and feedback. Starting in April 2022, Google will require this label and a privacy policy for all new and existing apps. This is similar to Apple. Before, only apps that collected personal and sensitive user data needed to share a privacy policy in Google’s store.

An app’s store listing will automatically update with the data safety information in February 2022. If an app has not submitted this information yet or it has been rejected, users will see “no information available.” By April 2022 all apps must have this data safety section approved. In the data safety form, apps will have to state what data the app collects. Developers will also have to note activities involving data “sharing.” The form also asks about measures taken to protect data. Apps will need to note if there are user rights, such as deletion. Developers are ultimately responsible for the accuracy of the information disclosed in this form.

There are a number of FAQs available as companies work through completing this form. For example, the FAQs note that the form should reflect the global representation of data practices. Thus, those companies that have different practices by geography will have to share version-specific information in the “about this app” section. The launch of the form is on track from Google’s initial announcement, which we reported on. Companies that fail to timely comply with this requirement may be subject to blocked updates or removal from Google Play.

Putting it into Practice: Companies that have mobile apps available in the Google Play Store should work with counsel to complete the data safety form. This may involve also reviewing the company’s privacy policy. Data practices must be accurately described in both the data safety form and privacy policy to address potential UDAAP exposure.

Copyright © 2021, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume XI, Number 328
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Julia Kadish is an attorney in the Intellectual Property Practice Group in the firm's Chicago office.

Areas of Practice

Julia's practice focuses on data breach response and preparedness, reviewing clients' products and services for privacy implications, drafting online terms and conditions and privacy policies, and advising clients on cross-border data transfers and compliance with US and international privacy regulations and standards. She also workes on drafting and negotiating software licenses, data security exhibits, big data licenses, professional...

312.499.6334
Advertisement
Advertisement
Advertisement