Google has kept mum about the reasons behind its updated privacy rules for app developers. But that hasn't stopped some experts from speculating about the forces behind the change. After all, the new policy could make the tech company more competitive in the consumer space for years to come, but it also has the effect of making Google more compliant with EU privacy laws.

Google recently updated its “Unwanted Software Policy” to mandate that app developers selling or providing their products through Google's marketplaces abide by new rules by January 30, 2018.

According to the “Google Security Blog,” under the new policy, app developers that handle personal user data will be “required to prompt users and to provide their own privacy policy in the app.” In addition, those companies that “transmit personal data unrelated to the functionality of the app” must also “prominently highlight how the user data will be used and have the user provide affirmative consent for such use.”

If the requirements for consent before handling personal data and the need for certain privacy notifications seem familiar to some, it could likely be because they are well-known provisions in the EU's upcoming General Data Protection Regulation (GDPR).

And some experts don't think that is a coincidence.

“The GDPR is obviously is driving the mobile app ecosystem globally to disclose more about their data collection practices,” says Jarno Vanto, a shareholder at Polsinelli. He added that Google's move to update its policies could be the company signaling it intends to take EU privacy law seriously.

Vanto noted that historically, Google has been the “target of numerous settlements with data protection authorities in Europe, and so I think that [the update is] a healthy reflection of their realization that they have to be proactive and not reactive.”

The updated policy could also be seen as a move to push Google's app developers to comply with GDPR standards before the regulation—which covers every company that handles EU citizen data—takes effect in May 2018.

But the EU regulation may be only part of Google's motivations. Darren Hayes, director of cybersecurity and an assistant professor at Pace University in New York, noted that there are there are several potential business benefits behind Google's policy change as well. Making it harder for apps to handle personal data, for instance, could potentially stifle the ability of third-party data companies to seamlessly collect and process data it obtains from Google apps.

“Some of these analytic companies have actually been bought up by Google, so some might view what Google is doing as trying to control, to potentially monopolize, who gets this kind of analytic information about their app usage,” Hayes said.

What's more, the policy update also may help Google better compete with one of its main competitors: Apple.

“I think they may be trying to emulate some of what Apple has done by giving consumers more control over the apps and the data that apps collect,” Hayes added. “Google and Android have always been known to be less stringent in app approval,” which has made Apple the most attractive option for privacy and security conscious consumers.

The change could therefore potentially level the playing field between the two tech giants. But it's uncertain what effects, if any, the policy will have in actually fostering consumer privacy and security.

“I think it won't make a big difference to consumers at the end of the day,” Hayes said, explaining that consumers often “don't read the small print” and won't likely read what they are consenting to in an app's privacy policy.

Vanto, however, believes that the policy could set a positive security and privacy standard. But he said its impact will significantly depend on how broadly or narrowly Google defines “personal information.”

While the company may implement its own proprietary definition, they also may take the “global approach here under the GDPR and under current EU law, which defines personal data very broadly.”

In that approach, “any data that can be used to identify a person, whether it's your ID on your device, your clicking patterns in an app, or how you play a game, as along as it's somehow possible to identify you as a person, then it's personal data,” Vanto said.