Trusted Developer Best Practice for Responsible Stewardship 


Principle 10. Be a Good Custodian
Developers should act on the user’s behalf in protecting and defending user content or private user data under their control.

Best Practice:

  • Developers should use all legal means to defend data from unauthorized access.

  • Some data categories are explicitly regulated (e.g. health, finance, children, etc.): know the law.

  • Where appropriate, consider storing and using shared data in anonymized form.

Principle 11. Respect the Rights of Users to Control or Influence How Data Is Used
Developers should provide users with the ability to access, retrieve, or permanently delete their content and private user data, and should carefully consider user impacts when deciding how shared data is used.

Best Practice:

  • Developers should provide a simple means for users to rescind consent or delete their account.

  • Developers should provide a simple means to remove apps and service data from user devices.

  • Developers should avoid using shared data in ways they know a user would not approve.