Originally posted on techspot.
Any app allowing account creation must also allow in-app account deletion
Why it matters: Many causal users likely assume that when they delete a smartphone app, its account and associated data also disappear, which often isn’t the case. Following Apple’s example last year, Google will soon require Play Store apps to inform users more clearly of their options when deleting apps, accounts, and data.
Google just announced an upcoming Play Store app policy requiring developers to let users delete accounts from within apps and web browsers. Users will also have more information and options regarding deletion.
Since last summer, any iOS app allowing in-app account registration must also have a method for deleting users’ accounts within the app. The safety measure means Apple customers no longer have to go through external web services or other hoops to ensure the erasure of data they no longer need. Google is now following suit.
The requirement to provide deactivation through web portals or the app’s menus means users who delete apps no longer need to reinstall them to erase accounts and data. Additionally, Google will require apps to let users selectively erase data like photos, videos, or activity history. Developers must link the relevant information on their apps’ data safety labels so users know their options. Additionally, the forms must notify readers if services retain any data for security or legal reasons.
The biggest reason for the new rule is likely to minimize user exposure to data breaches. Services sometimes retain data without telling users who delete accounts, leaving them unaware of their data’s vulnerability to cyberattacks.
Like Apple, Google will give developers a months-long grace period before instituting its new policy. They have until December 7 to provide data deletion information on safety forms, which will appear on Play Store pages in early 2024. Developers can file an extension until May 31, 2024.
The new rules could be an attempt to tighten Google’s app data policy after Mozilla and the Washington Post criticized it earlier this year. The Firefox company found that Play Store privacy and data safety labels were misleading and underreported the amount of information that services shared with third-party entities. Mozilla’s security review found discrepancies between many data safety forms and the corresponding services’ ToS forms.