Google has been getting hammered this year for monopolistic Android practices, yet they still have highly questionable ongoing initiatives.
Their losses so far this year:
- The EU successfully fined them €4.1 billion for anti-competitive practices in Android, including that Google required device manufacturers to pre-install Google Chrome and Google Search as a condition for giving their users access to the Play Store.
- Epic Games successfully sued them over their Play Store practices. This has resulted in upcoming changes in the US that include reduced commission rates and a requirement for the Google Play catalogue of apps to be shared with third-party app stores. Further news broke this week that the proposed settlement between Epic Games and Google was withdrawn, resulting in an additional requirement for the Google Play app itself to host third-party app stores.
Here's some ongoing initiatives I have encountered myself, which could see them back in court:
- Devices without Play Protect certification are unable to attain the MEETS_DEVICE_INTEGRITY or MEETS_STRONG_INTEGRITY labels in the Play Integrity API. This can result in app developers locking out all devices that haven't gone through Google's device certification programme. Thankfully, very few apps are currently requiring MEETS_STRONG_INTEGRITY.
- Google is replacing some CAPTCHA puzzles on websites with QR code scanning. For Android users, the device you scan the QR code with must have Google Play Services installed. So your browsing experience on your laptop is becoming affected by your choice of mobile device. I've encountered this QR code scan requirement once so far.
- Google is bringing in a requirement that Google-certified Android devices must only allow app installs from developers who have gone through Google's Developer Verification programme. This includes apps installed from third-party app stores. Most devices are Google-certified so they can give Play Store access to their users, but soon that same certification will lock out developers who have rejected Google's verification process.
I don't like how Android has been a treasure trove of user data for Google, and I also don't like when security features have a dual purpose of monopolising. In the past, we might see these initiatives and hope they are for our benefit. But now we have strong evidence from the courts that Google's past actions haven't put Android users and developers first. This is a strong motivation for engineers to contribute to the software ecosystem of de-Googled Android, including projects like GrapheneOS, F-Droid, Accrescent, and Obtainium.