Now that we know just how much of our data is being collected and sold every day, the conversation surrounding user privacy is never going to end. We expect the companies we support to do their part in protecting us from the apps, the sites, and the services that we access on their platforms, and some have made it a top priority.
For example, Apple now forces developers to make their apps ask permission to track users. In fact, we learned this week that Apple has even started rejecting apps that try to track users without prompting them first. These are steps in the right direction as end users attempt to gain some semblance of control over their private data again, and in a similar fashion, Google is making a change to Android that should please privacy advocates.
As spotted by XDA-Developers, Google is making changes to its Developer Program Policy that will make it more difficult for apps to be able to see the others apps you have installed on your phone. As the company explains in a new support document, Google Play regards the apps on your device to be “personal and sensitive information,” which means that permission to view that list of apps should not be freely available for every app.
Specifically, there’s a permission on Android called QUERY_ALL_PACKAGES which allows an app to see every other app currently installed on your Android phone or tablet. Starting on May 5th, 2021, only apps that have a “core user-facing functionality or purpose [that] requires broad visibility into installed apps on the user’s device” will be able to use this permission. Google also explains that the permission only takes effect on apps targeting Android API level 30 or later on devices running Android 11 or later, which means many phones will not be protected by this specific policy change next month. Here are all of the permitted uses for the permission:
Permitted use involves apps that must discover any and all installed apps on the device, which for awareness or interoperability purposes may have eligibility for the permission. Permitted use includes: device search, antivirus apps, file managers and browsers.
Apps granted access to this permission must comply with the user data policies, including the prominent disclosure and consent requirements, and may not extend its use to undisclosed or invalid purposes.
If an app meets all of the requirements, the developer still needs to declare that QUERY_ALL_PACKAGES is part of the app in Play Console. Any developers that fail to submit a declaration form or apps that fail to meet the requirements and attempt to view the apps on a user’s phone anyway may be removed from the Google Play store altogether. Not only could your app be suspended, but your developer account could be terminated.