Google Play Security “Flaw” Exposes Personal Data Every Time You Download an App

Privacy advocates aren't going to like this revelation one bit, but it's come to light that Google Play isn't keeping your personally identifiable information as sacred as you might think. Every time you download an app, your private information is sent to the app's developer, including your full name, email address, and even your general location (though not your exact address).

Sydney app developer Dan Nolan blew the whistle on Google Play's penchant for sharing private information, telling that he's less than comfortable receiving that kind of user data, and that he doesn't believe any developer needs to know such details.

Google Play

"Let me make this crystal clear, every app purchase you make on Google Play gives the developer your name, suburb, and email address with no indication that this information is actually being transferred," Nolan wrote on his blog. "With the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase. The problems on Android of app permissions (and subsequent potential for malware aside) is one of active negative behavior on the part of an app developer."

Nolan claims that each Google Play order is treated as a Google Wallet transaction, and that he can't see a way for customers to opt out of providing personal information. He called this a "massive oversight" on the part of Google, which is upfront in its terms of service about storing your personal information, but doesn't mention it may be passed on to developers every time you purchase an app.