InfoSecBulletin Cybersecurity for mankind
Google this week announced plans to increase the control that Android users have over their data by requiring developers to enable data deletion both from the app and online.
The initiative, expected to be enforced towards the end of the year, is part of a long-time initiative to improve user trust by requiring developers to provide clear information on their applications’ privacy and security practices.
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
The new data deletion policy will offer increased control over user data by requiring developers to “provide an option to initiate account and data deletion from within the app and online,” Google explains.
The web requirement, which developers will have to link in their data safety form, will allow users to request account and data deletion without reinstalling the application.
Users can already access information on the available data deletion options in Google Play’s data safety section, but the upcoming option will make it easier for them to request data deletion.
“By creating a more intuitive experience with this policy, we hope to better educate our shared users on the data controls available to them and create greater trust in your apps and in Google Play more broadly,” Google says.
Once the new policy enters into effect, developers will have to delete both the account and the data associated with it when a request is received. However, users will be able to opt out of a complete account deletion and choose to have only selected data erased.
Developers will also need to clearly disclose data retention practices when certain data needs to be kept for legitimate reasons, including fraud prevention, security, or regulatory compliance.
As a first step, Google is requiring developers to submit responses to new data deletion questions in their applications’ data safety forms. The submission period ends on December 7.
The first changes brought by the new policy will begin to reflect in application listings in Google Play early next year. These will include a new data deletion area and a refreshed data deletion badge in the data safety section.
