Microsoft points Scroogled war machine at privacy worries over Android apps

Microsoft's has fired another shot across Google bows with a few carefully-directed barbs about consumers' personal data that Google hands over to Android app developers.

"When you buy an Android app from the Google app store, they give the app maker your full name, email address and the neighborhood where you live. This occurs without clear warning every single time you buy an app," Microsoft warns in its ongoing Scroogled publicity campaign against its rival.

"Unlike Google, Windows Phone Store doesn't share your personal information with app makers," Microsoft claims on the Scroogled site.

Microsoft has posted two videos and a series of screenshots showing information detailed in the Google Checkout dashboard that app makers see when Google Play consumers purchase and cancel apps. The personally identifiable information it lists include first and last name, email address, city, state, zip code and country.

The campaign latches on to privacy concerns raised by an Australian app developer earlier this year over Google not explicitly asking permission from buyers to share that information with the developer. 

The developer noted that Apple did not share buyer information with developers that distribute apps on the App Store.

Google would not publicly comment on the story at the time, however, one of the key differences between the App Store and Google Play is that Apple is the "merchant of record" for App Store purchases, while developers that register on Google Play and sell paid apps or in-app purchases are the merchant of record. Since buying apps on Google Play requires Google Wallet, users have already agreed to share information under those terms.

Developers are bound by terms and conditions outlined in 4.3 of Google's Play developer terms, which puts the onus of protecting user information on the developer:

4.3 You agree that if you use the Market to distribute Products, you will protect the privacy and legal rights of users. If the users provide you with, or your Product accesses or uses, user names, passwords, or other login information or personal information, you must make the users aware that the information will be available to your Product, and you must provide legally adequate privacy notice and protection for those users. Further, your Product may only use that information for the limited purposes for which the user has given you permission to do so. If your Product stores personal or sensitive information provided by users, it must do so securely and only for as long as it is needed.

The user side of the agreement is tied up in acknowledgements made within the Google Play terms of service and Wallet terms.  

Under the Play terms, users acknowledge that: "in order to access certain services in Google Play, you may be required to provide information about yourself such as your name, address, and billing details".

Section 2.1 of the Wallet terms of service adds:

"When you sign up for Google Wallet, you are creating a Google Wallet Account that is associated with your Google Account. Depending on the Services of Google Wallet you use, you may be asked to provide information such as your name, contact information, Payment Instrument information, date of birth, and/or your social security number. We may verify your registration information with a third party verification vendor. In some cases, we may ask you to send us additional information, such as a copy of your driver’s license or passport, or to answer additional information to help us verify your identity."