The company has updated its Unwanted Software Policy page and the guidance page on how app developers should handle user data. Nonetheless, many users regularly use external app stores and direct download sites to acquire new apps, potentially putting their device at risk.
They must also ask a user's permission before they collect and transmit personal data that's unrelated to the functionality of the program, and clearly and prominently explain how the information will be used.
The new policy is applicable to all functions of an app.
The Safe Browsing warnings will appear "on apps and on websites leading to apps that collect a user's personal data without their consent", Google notes on its security blog. This covers anything from location data to crash reports, which often include a list of apps the user has installed. So if you're a developer and your app collects personal data, you have a little under two months to get your apps to comply with these new rules. Interestingly, it does not matter whether apps are featured in Google Play or they come via other marketplaces. This will help to crack down on malicious apps, including those from third-party sources that would previously go unnoticed by the Safe Browsing service.