Linked by Thom Holwerda on Fri 15th Feb 2013 08:21 UTC
Google "Sebastian Holst makes yoga mobile apps with his wife, a yoga instructor. The Mobile Yogi is sold in all the major mobile app stores. But when someone buys his app in the Google Play store, Holst automatically gets something he says he didn't ask for: the buyer's full name, location and email address. He says consumers are not aware that Google Inc. is sharing their personal information with third parties. No other app store transmits users' personal information to third-party developers when they buy apps, he said." Oh Google.
Thread beginning with comment 552568
To read all comments associated with this story, please click here.
UltraZelda64
Member since:
2006-12-05

If so, then I should be safe. This kind of privacy violation is just... wrong. Google seems to think that their customers automatically trust third parties or something... if anything, this demonstrates that Google themselves should not be trusted.

Reply Score: 6

JAlexoid Member since:
2009-05-19

Yes, it applies only when buying. And only after the 15 minutes are up. Just like any other merchant account gets that information with Google Wallet. Remember that each app outlet on Play Store is actually a merchant account. The model of operation is very different than Apple's.

Taken that into account, it's quite obvious that you actually have to provide that information to the merchant.

How do you ask for a refund, if you don't provide that information.

This only sounds like a big deal, but I bet you rather have that information disclosed to the seller than go through 3 different types of support to get your money back.


I'd rather have a better solution, but I doubt that it would fix more than it would break.

Also, don't forget that unlike regular Play Store accounts, merchant accounts are controlled much more strictly.

Reply Parent Score: 3

Alfman Member since:
2011-01-28

JAlexoid,


Why do merchants *need* this information? I can understand why the merchant would like to have it, but it's not really technically any better than a discrete transaction id for the purposes of identifying the payment.


"How do you ask for a refund, if you don't provide that information."

A transaction id or account number is just as accurate for this purpose. The only reason I can think of to have email/location/name is for vendor to initiate contact with the user, not the other way around. This may be innocent and even desirable, like getting emails about software updates. However IMHO *all* email subscriptions should be opt-in. Vendors have no need for an email address which they'll never use, and (hopefully) they'll never use an email address which they haven't gotten permission to use.

This whole shenanigan is easily rectified by simply prompting the user's email address at the time of purchase using google's records for defaults. This way there would be no non-consensual privacy violations and the user gets to choose what information gets shared.

Reply Parent Score: 3