
Massive Google Play Privacy Issue - petrel
http://phetdreams.tumblr.com/post/42959902001/massive-google-play-privacy-issue#notes
======
Pkeod
[https://plus.google.com/106557483623231970995/posts/Bed6WUJp...](https://plus.google.com/106557483623231970995/posts/Bed6WUJpNi4)

"With apple's app store you buy the apps from apple. With google play you buy
the apps from the developer. If you are the merchant of record you need to
know the address to correctly compute sales tax.

This is documented on [http://support.google.com/googleplay/android-
developer/bin/a...](http://support.google.com/googleplay/android-
developer/bin/answer.py?hl=en&answer=138000).

Google cannot give tax advice, so we have to give you the data to make the
determination yourself"

~~~
pdonis
In other words, Google, the huge corporation, would rather that the app
developer, who may not even be a corporation at all, be the merchant of
record?

I guess I can kinda sorta see this from one point of view: they are trying not
to be Apple. But they are still taking 30% of the money.

~~~
fpgeek
And while they give you the burden of being the merchant of record, they also
give you capabilities Apple doesn't (e.g. carrier billing, control of refunds,
ability to reply to reviews, etc.). It's a different bundle, with different
trade-offs.

------
gmoore
Doesn't sound all that unusual. Anyone selling anything via a credit card is
going to get the same info....perhaps even more...

~~~
tzs
The difference is that if you go to, say, Best Buy, and buy a Samsung TV, a
Sony Blu Ray player, and a game for your Wii, your personal information
doesn't go to Samsung, Sony, and the Wii game maker. The store, Best Buy, gets
your info, not the makers of the products sold in the store.

This is what people generally expect from stores that sell a variety of items
from many different manufacturers.

~~~
unsignedint
The thing about Google Checkout is that it's more of a "credit card processor"
than the merchant. They consider the developer as a merchant (maybe because
Google might have first designed Google Checkout to be payment processor, like
Paypal) which basically makes transfer of goods between a customer vs.
developer, as opposed to customer vs. Play store.

Aside the argument if it's good or bad, it seems to be consistent with that
notion -- if Google is considering Google Play to be more of a promotion
service with payment processing built-in, as opposed to curated content store.

~~~
Evbn
Uh, the name is Play _Store_.

It used to be called _Market_ , but they changed it to _Store_.

------
DinosaurArms
Coming from developing iOS apps first I thought it was strange that I received
these user details when they purchased my Android app. I assumed it had
already been brought up though and was decided to not be an issue.

------
tdtran
If you buy something from me, even via Google, you enter a mutual contract.
And as such you have to provide sufficient information to identify yourself.
Same with me. Pretty normal for any law protected contracts.

------
collegelabs
Its interesting to note that the email address wasn't always included, they
used to be [random]@checkout.google.com before they made the switch to Google
Wallet

------
1010011010
Kinda like Paypal.

~~~
nilved
Yes, exactly like that service everyone hates. ;)

------
jpatokal
ZDnet interview with the guy who found the issue:
[http://www.zdnet.com/google-play-privacy-slip-up-sends-
app-b...](http://www.zdnet.com/google-play-privacy-slip-up-sends-app-buyers-
personal-details-to-developers-7000011249/)

~~~
proexploit
It's not a "guy that found an issue". Nothing has every been hidden and it's
not a privacy slipup. Come on.

