This study addresses the cognitive and operational challenges Android developers encounter when completing Google Play’s Data Safety Section (DSS), particularly in accurately mapping collected personal data to the DSS’s predefined categories. Through a mixed-methods approach combining a survey of 41 developers and qualitative content analysis of 172 community discussion threads involving 642 developers, the research systematically uncovers significant gaps in understanding and procedural friction in DSS compliance. Findings reveal that while developers can generally identify the data they collect, they frequently rely on external resources, exhibit ambiguity regarding classification criteria, and express concerns about app rejection. These insights underscore an urgent need for more precise guidance and supportive tooling, offering empirical foundations and design directions for improving platform-level disclosure mechanisms.

Current legal frameworks enforce that Android developers accurately report the data their apps collect. However, large codebases can make this reporting challenging. This paper employs an empirical approach to understand developers'experience with Google Play Store's Data Safety Section (DSS) form. We first survey 41 Android developers to understand how they categorize privacy-related data into DSS categories and how confident they feel when completing the DSS form. To gain a broader and more detailed view of the challenges developers encounter during the process, we complement the survey with an analysis of 172 online developer discussions, capturing the perspectives of 642 additional developers. Together, these two data sources represent insights from 683 developers. Our findings reveal that developers often manually classify the privacy-related data their apps collect into the data categories defined by Google-or, in some cases, omit classification entirely-and rely heavily on existing online resources when completing the form. Moreover, developers are generally confident in recognizing the data their apps collect, yet they lack confidence in translating this knowledge into DSS-compliant disclosures. Key challenges include issues in identifying privacy-relevant data to complete the form, limited understanding of the form, and concerns about app rejection due to discrepancies with Google's privacy requirements. These results underscore the need for clearer guidance and more accessible tooling to support developers in meeting privacy-aware reporting obligations.