Google to yoink apps with an unauthorized Call Log or SMS habit from Android Play Store
'We take access to sensitive data and permissions very seriously...' No giggling, please
Paul Bankhead, director of product management at Google, has told programmers that apps in the Play Store that want access to SMS or Call Logs will start being removed unless the ad-slinger has OK'd the given developer's justification.
Failure to submit the Permissions Declarations form means the app could well be removed from the Play Store.
Google is a bit twitchy over the whole privacy thing, having been hauled over the coals for tendencies that would make even the most rapacious software outfit emit a stiff “Steady on, old chap.”
With vendors like Apple trumpeting their privacy credentials and Microsoft’s CEO declaring that Privacy is a Human Right, the gang at Mountain View decided back in October to tidy up what devs had access to. In this case, Google announced it would restrict developer access to SMS and Call Logs unless the app had an extremely good reason for wanting it.
Hence the Permissions Declaration form.
Kind old Google reviews this form to verify that end users will understand why the app needs access. It also assesses the benefit to the user while considering alternatives to using the functionality.
Those alternatives include the SMS Retriever API which will dump the user into the default SMS app with a prepopulated message rather than performing messaging shenanigans behind the scenes.
GDPR: Four letters that put fear into firms' hearts in 2018READ MORE
At face value, making devs justify the access their apps demand is a good thing, although one app developer told us he was concerned about the impact the change might have on automation software. He also worried that this might be the start of a lock-down to make the Play Store work more like the Apple version.
One might wish that Google would apply the same privacy gaze to its other wares. May we suggest Chrome?
Developers who have already submitted a form have received a compliance extension from Google that will take them to 9 March.
Otherwise, identified apps will be removed, meaning devs will have to either upload new versions without those permissions or keep them and complete a permissions declaration in the Play Console (“coming soon” according to the Chocolate Factory). ®
Sponsored: Becoming a Pragmatic Security Leader