InfoSecBulletin Cybersecurity for mankind
Google this week announced plans to increase the control that Android users have over their data by requiring developers to enable data deletion both from the app and online.
The initiative, expected to be enforced towards the end of the year, is part of a long-time initiative to improve user trust by requiring developers to provide clear information on their applications’ privacy and security practices.
AWS SNS misused for Data Exfiltration and Phishing
Researcher found non protected database form ESHYFT containig 86000 records
CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws
CVE-2025-25291 & CVE-2025-25292
Attention! GitLab Patched Critical Authentication Bypass Flaws
CVE-2025-20138
Cisco released High Security Alert for IOS XR Software
400+ IPs Exploiting Multiple SSRF Vulnerabilities
NVIDIA has released update for NVIDIA Riva
CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws
Ballista Botnet infects 6000 Unpatched TP-Link Routers
The new data deletion policy will offer increased control over user data by requiring developers to “provide an option to initiate account and data deletion from within the app and online,” Google explains.
The web requirement, which developers will have to link in their data safety form, will allow users to request account and data deletion without reinstalling the application.
Users can already access information on the available data deletion options in Google Play’s data safety section, but the upcoming option will make it easier for them to request data deletion.
“By creating a more intuitive experience with this policy, we hope to better educate our shared users on the data controls available to them and create greater trust in your apps and in Google Play more broadly,” Google says.
Once the new policy enters into effect, developers will have to delete both the account and the data associated with it when a request is received. However, users will be able to opt out of a complete account deletion and choose to have only selected data erased.
Developers will also need to clearly disclose data retention practices when certain data needs to be kept for legitimate reasons, including fraud prevention, security, or regulatory compliance.
As a first step, Google is requiring developers to submit responses to new data deletion questions in their applications’ data safety forms. The submission period ends on December 7.
The first changes brought by the new policy will begin to reflect in application listings in Google Play early next year. These will include a new data deletion area and a refreshed data deletion badge in the data safety section.
