Google already has a policy requiring that web app names must be unique to any single application. The company plans to update its publishing process, assessment systems and user-facing consent pages to "better detect spoofed or misleading application identities." In addition, if a web app requests user data, it may undergo a manual review, much like Apple requires for all of its mobile apps. Google hopes to process these reviews within three to seven business days, and developers can request a review to allow access to a testing version of their app before it is officially approved.

Google also points developers to a blog post explaining their responsibilities when requesting user data. While that may be a good idea for scrupulous app makers, it isn't going to deter those who want to steal such data. Adding a human review to the updated automated systems within Google's process could be a much better first step.