The new Google policy mandating developer verification for all Android apps, including those sideloaded outside the Play Store, represents a significant and troubling shift away from the core values that made Android popular: Freedom, Openness, and Developer Accessibility. Android was built on the promise of openness. Students learning to code, Developers, Free and Open-Source Software contributors were given the ability to build and share apps without any gatekeeping. It gave users the freedom to choose how they use their devices and where they get their apps from. This new policy threatens those fundamental freedoms of users and developers.
If enforced, this policy will:
- Force developers to provide government identification (KYC) for building apps.
- Discourage hobbyist developers with the verification process overhead, effecting innovation.
- Force developers to pay fee to publish their apps.
- Restrict Hobbyists from sharing their APKs with their friends and peers.
- Make life extremely difficult for privacy-focused and anonymous developers.
- Endanger Free and Open-Source and privacy respecting platforms like F-Droid.
- Reduce user choice by pushing everyone towards Google Play Store.
- Centralize control in Google’s hands over what software people can run.
Security Matters, But Freedom Matters Too!
In the name of protecting users from malware we cannot be restricting the entire ecosystem.
Possible alternatives include:
- Giving users clear warnings when installing unverified apps
- Community-Driven Trust and Ratings
- Improving OS-level malware scanning
- Open Source and Transparent Code Audits
- User Education and Control
- Promoting reproducible builds
Combating this
- Be vocal and resist the policy
- Degooglify (see swechaap.org/blog/reducing-tracking-in-your-phone)
We strongly oppose Google’s move to restrict sideloading and developer freedom, and stand firmly
for an open, free, and user-controlled Android ecosystem
Executive Committee
Swecha AP