Surprises sometimes come to those who buy and sell apps on Google’s Play Store. After selling a few hundred copies of an app, Australian blogger Dan Nolan reported having received a large surprise.
It came in the form of personal data, including the full names, postcodes and e-mail addresses of all the individuals who had purchased the app. He even received the personal data of those who did not retain the app after the trial phase had expired. The buyers had not been informed that their personal data had been passed on.
To download apps from the Google Play Store users have to create a Google wallet account. Individuals who use this account to make purchases are treated in much the same way as those who place order to be physically delivered to their home addresses. Whether this procedure also applies to free apps is unclear.
This agreement concerned the then newly introduced service “Buzz”, which also breached individuals’ rights to privacy. At the time Google’s director for privacy, Alma Whitten apologised to those affected. Google undertook to prevent the mistakes of “Buzz Start” from occurring in the future and to set up a comprehensive data protection programme. For the next 20 years the programme is supposed to undergo a biennial independent expert review.