Android updates its app permissions procedures based on developer feedback

In an effort to give users more control over their Android devices, Google has been making changes to its requirements for app permissions.

From the start, Google wanted to make Android an open-source operating system, but as it’s grown, every decision made has also come with tradeoffs. “Users want more control and transparency over how their personal information is being used by applications, and expect Android, as the platform, to do more to provide that control and transparency. This responsibility to users is something we have always taken seriously, and that’s why we are taking a comprehensive look at how our platform and policies reflect that commitment,” the Android team wrote in a post.

It will be putting more of a focus on reviewing permissions. For the past few years, Android has required developers to state why they need each permission that their apps request. Last year, it restricted SMS and Call Log permissions to a few use cases.

It received feedback on the new procedures, such as the fact that the permission declaration form was confusing to use, the timeline for appealing a decision was too long, and many developers felt that they were getting automated responses, rather than interacting with a human.

“While these changes are critical to help strengthen privacy protections for our users, we’re sensitive that evolving the platform can lead to substantial work for developers. We have a responsibility to make sure you have the details and resources you need to understand and implement changes, and we know there is room for improvement there,” the Android team wrote.

In response to this, it will be revising the emails it sends for rejections to be more detailed so that developers can know why a certain decision was made, how they can change their apps to comply, and how to appeal a decision. Enforcement emails will also include instructions on how to make appeals.

It will also grow its communication team so that there will be more people to personally respond to requests, rather than relying on an automated system for this.

Additionally, it will begin evaluating disabled developer accounts because some developers have been wrongly blocked from distributing apps. “While the vast majority of developers on Android are well-meaning, some accounts are suspended for serious, repeated violation of policies that protect our shared users. Bad-faith developers often try to get around this by opening new accounts or using other developers’ existing accounts to publish unsafe apps. While we strive for openness wherever possible, in order to prevent bad-faith developers from gaming our systems and putting our users at risk in the process, we can’t always share the reasons we’ve concluded that one account is related to another,” the Android team wrote.