Apple and Google in 2022 imposed new privacy requirements on mobile apps available for download in the Apple App Store and Google Play Store, respectively. MSSPs and MSPs that offer mobile device management (MDM) services -- or develop such services -- would be wise to study the new requirements.
As described further below, Apple’s new account deletion requirement applies to all mobile app submissions to the Apple App Store beginning January 31, 2022. Similarly, Google’s new Data Safety section launched in February 2022, and app developers have been required to submit to the Google Play Store Data Safety forms and Privacy Policies since April 2022.
Apple Mobile App Privacy: More Details
Here are some key dates and milestones for MSSPs that support Apple devices.
- June 2021: Apple updated Section 5.1.1 of its App Store Review Guidelines, to require mobile apps that allow users to create accounts to also enable users to initiate deletion of their accounts from within the app itself.
- October, 6, 2021: Apple announced that this new requirement will go into effect on January 31, 2022. Apple’s announcement encouraged mobile app developers to review any laws that may require them to maintain certain types of data, and to make sure that their apps clearly explain what data the app collects, how the app collects data, all uses of the data, and the app’s data retention and deletion policies.
Google Mobile App Privacy: More Details
Similarly, here are key dates for MSSPs that support Google-oriented devices.
- May 2021: Google announced a forthcoming policy, requiring mobile app developers to inform Google of their apps’ privacy and security practices by a completing a Data Safety form in the Google Play Console. The information provided will be displayed in a new Data Safety section on the developer’s Google Play Store listing, so that Google Play users may learn how the app collects and shares user data before downloading the app.
- October 2021: Google clarified that the Data Safety section will become visible to users in February 2022. Developers may submit Data Safety forms now and receive early review feedback. If the form is approved by February 2022, the app developer’s Data safety Section will automatically be updated with the information provided; otherwise, the section will read “No information available.”
Blog courtesy of Hunton Andrews Kurth, a U.S.-based law firm with a Global Privacy and Cybersecurity practice that’s known throughout the world for its deep experience, breadth of knowledge and outstanding client service. Read the company’s privacy blog here.