Google To Restrict How And When Android Apps Can Access Other Apps, Just Like How Apple Did With iOS 9
It may have taken a while but Google will soon start making it harder for Android apps to be able to access other installed apps on a user’s device. The change, when it comes into effect, has similarities to privacy changes added to iOS 9 by Apple.
Currently, developers publishing Android apps can query the device’s system and get a list of other installed apps on the device.
That query doesn’t provide access to any sensitive data and while it seems relatively harmless on the surface, it is a process that has been used in the past to profile users. Developers have been able to see what banks a person uses or what type of dating or social apps they use and can then funnel that user into a specific demographic.
Starting with Android 11, XDA-Developers stipulates that things are going to tighten up a lot. Specifically, apps that request the “QUERY_ALL_PAKCAGES” permission will need to have an extremely good reason to be asking for that information. Google will start to treat that data as “personal and sensitive data” and, as such, will only accept apps through the review process that genuinely have a reason for requesting the information.
The change will come into effect starting May 5, 2021.
After that date, MacRumors points out that apps will only be able to make use of the “QUERY_ALL_PAKCAGES” permission level if “core user-facing functionality or purpose, requires broad visibility into installed apps on the user’s device.” This could include file management apps, antivirus offerings, and banking or financial institution applications. Chances are that if a Flappy Bird clone wants to access all of that information, the Google review team will simply reject the app.
Once an app has been rejected, Google will then require the developer to remove that permission request from the app’s manifest before going through the review process again. It’s currently unclear if Google will actively scan existing apps on the Play Store for this permission level and start contacting developers of apps who don’t fit the new criteria.