We’ve been working hard to make the Google Play experience safer and more trustworthy, both for developers and users. Today we are bringing new policy updates to further strengthen user control, privacy, and security.

Give users greater transparency about data privacy and security

In addition to new policies related to the upcoming security section of Google Play, we shared data definitions and other information. Read this article to learn more:

Improve advertising privacy and security

We have long provided users with practical AD ID control, such as the ability to reset the identifier at any time, or to opt out of allowing the identifier to be used for AD personalization. This year, we will add additional control options.

As we announced to developers on June 2, we will be making technical changes by the end of 2021 as part of the Google Play service update. When users choose to disable interest-based ads or AD personalization, their AD ID is removed and replaced with a string of zeros. As a reminder, this change to the Google Play service will be phased in, affecting apps on Android 12 devices beginning in late 2021 and expanding to all Google Play-enabled devices in early 2022. Additionally, apps that upgrade their target API level to Android 12 will need to declare a new Google Play service permission in the manifest file to use the AD ID.

We will also be testing a new feature that notifies developers and AD/analytics service providers of user outages to help developers enforce user choices and add them to policy restrictions on how AD ids can be used. When users delete their AD ids, developers will be notified so that they can remove AD ids that are no longer used.

In addition, we prohibit associating persistent device identifiers with personal and sensitive user data or resettable device identifiers. This policy adds additional privacy protections when users reset device identifiers or uninstall apps.

Finally, we provide a developer preview of the application group ID for core use cases such as analysis or fraud prevention. The Application group ID is a unique ID that allows you to collect usage or operations on devices for a group of applications owned by your organization. You cannot use application group ids for AD personalization or AD performance measurement. It will also reset automatically if all apps corresponding to the developer on the device are uninstalled, or if no apps have accessed the ID for 13 months.

Strengthen the protection of children

As we roll out the App Group ID for analytics and fraud prevention, we are further strengthening our privacy protections for children. If an app’s primary audience is children, the app cannot transmit identifying information such as an AD ID. If an app’s audience includes both children and adults, it needs to avoid transmitting such identifying information to children.

In the coming months, we’ll be sharing more information to help smooth the transition.

Strengthen the security

Security is fundamental to achieving privacy on our platform. We’ve announced a number of policy updates to help keep your data secure.

First, the Google Play ecosystem is safer if developers actively maintain their apps. Therefore, if the account has been inactive or deprecated for more than a year after hibernation, we will close the dormant account. This includes a developer account that has never uploaded an app or accessed the Google Play Admin in a year.

We will continue to support apps that are growing aggressively. We do not close accounts for apps that have been installed more than 1,000 times or have had in-app purchases in the past 90 days. Developers whose accounts are closed can then create new accounts, but they cannot reactivate old accounts, apps or data.

Second, it is important for users to have a safe and accessible experience. Therefore, we are adding new conditions for the AccessibilityService API and IsAccessibilityTool. These tools are used to create a frictionless experience and often require access to user data and device functionality. Currently, all apps that use the AccessibilityService API are required to disclose the circumstances and purpose of data access in the Google Play Administration and obtain approval. Read the official documentation for more.

A reminder of the payment policy

As we recently shared, after carefully considering feedback from developers of different team sizes, we are offering you the option to apply for a six-month extension to the compliance period, until March 31, 2022.

Please check out the full summary of policy updates, which includes detailed explanations to help developers better understand our policy.

Thank you for helping us make Google Play a more trusted platform.