Do you think App 'Crash Reports' contain sensitive data?

  • Yes

    Votes: 7 100.0%
  • No

    Votes: 0 0.0%
  • Total voters
    7

Spawn

Administrator
Verified
Staff member
Source: Google is warning developers to include prominent crash reporting disclosures in apps or face removal

"There's been an uptick among Android developers receiving warnings from the Google Play team. The issue appears to be crash reporting, which is a common feature developers build into apps. Google now seems to be of the opinion that most crash reports count as sensitive data, and developers have to include a "Prominent Disclosure." Affected developers are getting 30 days to implement a fix and resubmit, but as usual, Google's violation email is light on details.

Here's the (redacted) email posted to the /r/androiddev subReddit, which several other devs report receiving in the last few days.

This is a notification that your application, XXXXXXXXXXXXX, with package ID xxxxxxxxxxxxxxx, is currently in violation of our developer terms. Your app is collecting user data via crash reporting and must comply with the Prominent Disclosure Requirement of our User Data policy.

Action required: Please make modifications to bring your app into compliance within 30 days of the issuance of this notification, or your app will be removed. You may want to consider adding a dialog notifying users of user data collection during crash reporting to ask their consent before the collection occurs.

.. This new wave of email warnings seems to indicate Google now considers most forms of crash data to be sensitive, and that means the app needs affirmative consent to collect crash reports. ..

.. Crash reports may also be considered personal data under the EU's new GDPR statutes. This is just speculation, but the new focus on data privacy might even be a response to the Cambridge Analytica scandal. In any case, developers should take a look at how they handle crash reporting."