This article describes the best practices for providing prominent disclosure and consent requests to your app's users.
Background
As indicated in Google Play’s User Data policy, a prominent disclosure should be presented in cases where users may not reasonably expect their personal and sensitive user data to be required for policy-compliant features or functionality within an app. An example of this could be an app that collects browser history to detect and block a child from sensitive content using Accessibility Service APIs. If there is a valid functionality for this collection, a prominent disclosure will help users understand why the app might be collecting this information.
The prominent disclosure requirement is not a substitute for an app’s privacy policy or Data Safety section in Play Console. If your app accesses, collects, uses, and shares personal and sensitive user data, you must post a complete privacy policy in both the Privacy policy section of the App content page (Policy > App content) in Play Console and within the app itself. Similarly, every developer must complete the Data safety section of the App content page in Play Console by July 20, 2022.
For Permissions and Sensitive APIs requiring prominent disclosure and consent such as the Accessibility Service APIs, the Background Location Permission, or the Package (App) Visibility Permission, you must provide a separate in-app disclosure indicating the use of the permission or sensitive API to users. This will help ensure that users are aware and that they provide appropriate consent before the deployment of any permission or sensitive API.
Best practices
We recommend using the best practices listed below as guidelines for your prominent disclosure. For the relevant policy requirements, refer to the "Prominent Disclosure and Consent Requirement" section in the User Data policy.
- Present the disclosure to the user in the app, right before requesting permission or capability. The message cannot be in the app description or website. The ideal location would be in the user flow where users are informed of the steps to grant permission in Android Settings.
- Give the user an option to decline providing consent. Always provide an option to cancel the flow related to permissions.
- If the user denies or revokes permission that a feature needs, gracefully degrade your app while enabling your user to continue using your app. Consider disabling the feature that requires permission or the use of the relevant data.
- Require the user's explicit consent using clear and friendly language, such as "Agree" rather than "Allow access" (this can sound intimidating and unclear) or "Got it" (this is too casual).
- Use at least two options. The first option is to allow the user to grant permission. The second option is to allow the user to decline consent, but be able to grant it at a later time. Using "Not Now" or "Skip" may allow you to repeat the request for consent in the future.
- Don't use disclosure prompts that are similar to the Android System UI notifications and requests, as this may confuse users.
- Consider matching the disclosure prompt background color to your app's styles and themes instead of white so that consumers perceive that this message is from your app.
- Your prominent disclosure can be a window prompt, or it can be a part of the flow in the app UI. For example, if you have a conversational UI, you can present the prominent disclosure and consent text in the conversational UI and still meet Play Console requirements.
- If you need to show the consent again at a later time, be mindful of user fatigue. Respect the user's choice if the user has declined the in-app consent a few times.
- Why: Describe why the capability is needed by the app and the core purpose requiring this feature. This must be the primary purpose of the disclosure. We have found that users are more likely to uninstall apps when they don’t understand why an app is asking for permissions.
- What: If any data is collected using this capability, disclose all types of data involved.
- How: If any data is collected using this capability, describe how the data is used in the context of the core features.
- Verbosity: Provide a clear explanation even if it may increase in length. Clarity and comprehension are more important than brevity.
- Clarity: All text must be clear and easy to understand at a reading level of a 13-year-old.
- Tip: Use clear and simple language that has a meaningful value proposition, such as "supporting free content." Avoid jargon that people do not understand.
- Tip: When the data collection is due to an SDK, clearly disclose the data involved, why the data is needed, and that it is shared with a third party. For example: “In addition, our app shares your device location data with a third party, in order to retrieve and display map imagery for the app's meet me feature.”
When completing the permissions declaration form in Play Console, you can provide a link to a short video to help Google evaluate your app’s prominent disclosure. A YouTube link is the preferred video format, but a Google Drive storage that links to an MP4 or other common video file format is also supported.
Guidance for the video showcasing your app’s prominent disclosure
The video that you provide as part of the declaration must include the following:
- The opening of your app on the device.
- The user-flows to get to the prominent disclosure and consent screen.
- Make sure that the video includes the full disclosure. If it requires scrolling, make sure you slowly scroll so that all text is visible in the video.
- The user flow when the user consents.
- The user flow when the user does not consent, including the process when the user triggers the prominent disclosure and consent screen again.
- A core feature in your app that uses the capabilities declared in the prominent disclosure. If it isn't obvious from the user interface how the services are being used in your app, provide a voice-over or captions to help explain.
For more information, you can also watch our Play Academy video on "Declared permissions and in-app disclosures."