You may have seen recently that Google has issued a new decree requiring all Android developers, even if they don’t publish their apps on the Play Store, to register centrally with Google. This involves paying a fee, agreeing to non-negotiable terms, and uploading personal government ID documents.
One of the biggest alternative app stores is F-Droid, it focuses on privacy and free and open source apps. It has said that it cannot comply with the new measures by Google as it can't require developers to register with Google or take over application identifiers (which Google’s new plan includes), which would seize exclusive distribution rights. If implemented, F-Droid says that it will mean the end of the project and deprive users of thousands of verified apps, leaving them unable to install or update existing software.
Google says that its measures are intended to increase security against malware, calling it a security canard. F-Droid has questioned whether forced registration will really solve anything because lots of malware apps have been found in the Google Play Store over the years, demonstrating that corporate gatekeeping doesn’t mean users are protected. F-Droid also points out that Google already defends users against malicious third-party apps with the Play Protect services which scan and disable malware apps, regardless of their origin.
While not true for all alternative app stores, F-Droid already has strong security because the apps it includes are all open source that anyone can audit, the build logs are public, and builds are reproducible. When you submit an app to F-Droid, the maintainers help set up your repository properly so that when you publish an update to your code, F-Droid’s servers manually build the executable, this prevents the addition of any malware not in the source code.
The F-Droid project has said that it doesn’t believe that the developer registration is motivated by security. Instead, it thinks that Google is trying to consolidate power by tightening control over a formerly open ecosystem. It said that by tying application identifiers to personal ID checks and fees, it creates a choke point that restricts competition and limits user freedom.
In response, F-Droid has called on regulatory and competition authorities to look carefully into Google’s proposed activities to ensure the search giant isn’t trying to consolidate monopoly control. It also urges regulators to safeguard the ability of alternative app stores to operate freely to protect developers who can’t or will not comply with “exclusionary registration schemes.”
To ensure these matters get heard, F-Droid is calling on users and developers to write to political representatives, sign petitions, and make contact with the European Commission’s Digital Markets Act (DMA) team.
Source: F-Droid
13 Comments
Load the comments and join the conversation!
Read the comments, ask the editors questions, show respect and join the conversation.