Google under fire for sending users’ information to developers
SAN FRANCISCO -- Sebastian Holst makes yoga mobile apps with his wife, a yoga instructor.
The Mobile Yogi is sold in all the major mobile app stores. But when someone buys his app in the Google Play store, Holst automatically gets something he says he didn’t ask for: the buyer’s full name, location and email address.
He says consumers are not aware that Google Inc. is sharing their personal information with third parties. No other app store transmits users’ personal information to third-party developers when they buy apps, he said.
“Google is not taking reasonable steps to ensure that this data is used correctly,” said Holst, whose app has 120,000 users.
Google is coming under fire just as regulators in the U.S. and overseas are stepping up their scrutiny of how all the players in the industry -- mobile apps, stores, advertising networks and others -- handle consumers’ private information. Regulators are pushing for greater transparency of what information is collected by apps and how it’s shared.
Google Play has worked differently than Apple Inc.'s iTunes since it launched in October 2008. An app developer sets up an account through the mobile payment system Google Wallet, which makes them a merchant in the store. When someone buys his or her app from Google Play, that transaction -- and the customer’s information -- is sent to the developer. The developer has to comply with rules about what he or she can do with the information.
But at Apple, iTunes is the merchant. App developers say they never receive customer information.
Google defended how Google Play operates in an emailed statement.
“Google Wallet shares the information necessary to process a transaction, which is clearly spelled out in the Google Wallet Privacy Notice,” Google said.
Barry Schwartz, Search Engine Land’s news editor, said he prefers it that way.
“I want to be able to service my customers, and yes, they are my customers, not Google’s and not Apple’s customers. They download our products. They call the developer with questions. We provide them the tools and the content. They are our customers,” Schwartz wrote in a blog post. “Apple doesn’t tell us who our customers are, and when we need that information to verify ownership or to give refunds, we are left with blindfolds on. Google, in my opinion, does it right by making the user who downloads the app our customer.”
But Danny Sullivan, founding editor of Search Engine Land, said Google should make it clear to consumers that their information is being shared with third-party developers.
“Google’s privacy policies don’t make clear this is happening, something Google probably needs to correct,” Sullivan said. “I sure had no idea that Google Play did this.”
Nor did Dan Nolan, an Australian app developer. He said he was astonished when he found out that Google was sending him users’ names, email addresses, city and ZIP Code. He wrote a blog post Wednesday condemning Google for doing it.
Nolan runs a popular app in Australia called the Paul Keating Insult Generator that throws out quips worthy of the former labor prime minister there.
“Under no circumstances should I be able to get the information of the people who are buying my apps unless they opt into it and it’s made crystal clear to them that I’m getting this information,” Nolan said.
Privacy watchdogs say consumers are largely in the dark that Google is sending their information to outside developers despite assurances from Google that it tells them when they sign up for Google Wallet. That, they say, is “troublesome.”
“The question is: What constitutes meaningful consent?” said Marc Rotenberg, executive director of the Electronic Privacy Information Center. “The bottom line is that users are not able to control how their data is being gathered and disclosed.”
Apple may have started the mobile app boom in 2008, but Google is catching up. As of October, Google Play had the same number of apps -- 700,000 -- as Apple.
Google is trying to press its advantage by making it easier for developers to build apps and easier for users to buy them. Apps help fuel the growing popularity of phones that run Google’s Android software. Apple’s app sales still generate several times the revenue of Google’s.
Google does not run its app store with the same ironclad control that Apple does, and that has occasionally led to problems.
It’s also had run-ins with federal regulators over privacy. Google agreed in 2011 that it would ask users before sharing their data with outsiders to settle government claims that it violated its users’ privacy with its social network Buzz.
The Federal Trade Commission settlement also required the search giant to submit to independent privacy audits every two years for 20 years. Last year Google had to pay $22.5 million to settle charges for bypassing the privacy settings of millions of Apple users. It was the largest penalty ever levied on a company by the FTC.
Google is not the only company to come under fire for how it shares information with app developers. In 2011, Facebook Inc. agreed to a 20-year privacy settlement with the FTC that required the company to get users’ permission before changing the way it treats personal information. The FTC alleged that Facebook engaged in deceptive behavior when it promised that third-party apps would only have access to user information they needed when in fact many apps had unrestricted access to users’ personal data.
The view from Sacramento
Sign up for the California Politics newsletter to get exclusive analysis from our reporters.
You may occasionally receive promotional content from the Los Angeles Times.