Google Play’s “data safety form” is now live. Developers can now submit the form for early review and feedback. Starting in April 2022, Google will require this label and a privacy policy for all new and existing apps. This is similar to Apple. Before, only apps that collected personal and sensitive user data needed to share a privacy policy in Google’s store.

An app’s store listing will automatically update with the data safety information in February 2022. If an app has not submitted this information yet or it has been rejected, users will see “no information available.” By April 2022 all apps must have this data safety section approved. In the data safety form, apps will have to state what data the app collects. Developers will also have to note activities involving data “sharing.” The form also asks about measures taken to protect data. Apps will need to note if there are user rights, such as deletion. Developers are ultimately responsible for the accuracy of the information disclosed in this form.

There are a number of FAQs available as companies work through completing this form. For example, the FAQs note that the form should reflect the global representation of data practices. Thus, those companies that have different practices by geography will have to share version-specific information in the “about this app” section. The launch of the form is on track from Google’s initial announcement, which we reported on. Companies that fail to timely comply with this requirement may be subject to blocked updates or removal from Google Play.

Putting it into Practice: Companies that have mobile apps available in the Google Play Store should work with counsel to complete the data safety form. This may involve also reviewing the company’s privacy policy. Data practices must be accurately described in both the data safety form and privacy policy to address potential UDAAP exposure.

*Dhara Shah is a law clerk in Sheppard Mullin’s Chicago office.