Google’s Area 120 debuts Checks, an AI-powered privacy compliance solution for mobile apps

A team at Google is today launching a new product for mobile app developers called Checks which leverages AI technology to identify possible privacy and compliance issues within apps, amid a rapidly changing regulatory and policy landscape. The freemium solution will be offered to both Android and iOS app developers of all sizes, who will be able to have their apps analyzed then receive a report with actionable insights about how to address the problems that are found.

Checks was co-founded by Fergus Hurley (GM) and Nia Castelly (Legal Lead), who developed the project over the past two years as a part of Google’s in-house incubator, Area 120. The Checks team had previously built tools like Android Vitals to address developers’ technical challenges, and had the idea to use AI to now address privacy compliance challenges, as well.

Today’s app developers have to keep up with a number of newer regulations and policies, from Europe’s GDPR requirements to new rules implemented by the app stores themselves. Meanwhile, consumers have become savvier about the trade-offs involved in using free software — they now often want to know to what extent an app respects their privacy, how their data is accessed, stored, or shared, and more. And even if a developer’s app plays by all the rules, an SDK the developer uses may not — or the SDK’s data-sharing behavior may change over time — presenting another compliance challenge.

Image Credits: Google

With Checks, the idea is to make achieving compliance an easier process than it is today. To use Checks, developers submit their app for a privacy compliance analysis, which involves both an automated review and, on some tiers of service, a human review, as well.

To get started, Android app developers can log in using their Google account, then provide their Google Play app ID. They’ll then answer a few questions and verify their access. Checks will scan across multiple sources of information, including the app’s privacy policy, SDK information and network traffic, to generate its report. The solution also takes advantage of advances the team made with using Natural Language Processing to scan an app’s privacy disclosures. After the scan completes, developers are presented with a report that provides clear, actionable insights about the problems found and lists of resources.

The free tier can be used for completing Google Play’s new Data safety section, while paid tiers — Core, Premium and Enterprise — are designed to meet the needs of professional developers and larger businesses, including those who develop on iOS.

There are no technical requirements or prerequisites for using Checks, which runs its analysis on both physical and virtual devices.

The $249/month Core offering adds compliance monitoring for regulations like GDPR and the California Consumer Privacy Act (CCPA), and proactive notifications about upcoming compliance requirements. Premium users ($499/month) can automate the monitoring of their app’s data-sharing practices and gain an understanding of SDKs, permissions and where app data-sharing is taking place, among other things. Enterprise users (5+ apps and custom pricing) receive more frequent, advanced and in-depth privacy checks, which include access to a compliance review team, plus custom analysis and testing flows, and more.

Checks says the data and reports it generates are not shared with the Google Play team.

The team gathered feedback from hundreds of app developers to build Checks then worked with 40 early adopters to test the product ahead of its launch. Testers included Headspace, Sesame Workshop, StoryToys, Carb Manager, Homer and Lose It, among others.

Now, Checks is opening to a wider audience — interested developers can fill out the online form to register their interest on the Checks website.