When you buy an app through Google Play, all of your personal information—name, address and email—is sent straight to that app’s developer without user permission. As Dan Nolan, an Australian app developer who outed the small privacy slip-up put it, there’s enough information to “track down and harass users who [leave] negative reviews.”
Nolan explains that Google isn’t asking app downloaders explicit permission to send along their information, which Nolan said he found in his “merchant account.” The developer added: “Under no circumstances should I be able to get the information of the people who are buying my apps unless they opt into it and it’s made crystal clear to them that I’m getting this information.”
He also lambasts Google’s “massive oversight,” and implores the search giant to fix it. Nolan says that even canceled orders give out personal information without user consent. That doesn’t exactly encourage users, particularly younger children, to go app crazy in Google Play.
If there was a disclaimer involved, or if Google asked if personal information could be sent along, that would be one thing. But Nolan claims information is being sent without any permission whatsoever.
Google has yet to respond to Nolan’s claims.