Google has announced another privacy restriction for Play Store apps. Starting this summer, Android 11’s new Query_All_Packages permission will be marked as “sensitive” in the Play Store, which means that Google̵
On a support page, Google announced that “Apps whose primary purpose is to launch, search, or collaborate with other apps on your device may have appropriate visibility for other apps installed on your device.” Google has another page showing permitted uses of Play Store apps that query your app list, including “device searches, antivirus apps, file managers, and browsers.” The site adds that “apps that must detect all apps installed on the device, for awareness or interoperability purposes, may be eligible for the permission.” For apps that need to interact with other apps, Google wants developers to use more comprehensive app discovery APIs (such as all apps that support the x feature) instead of just dragging the entire app list.
There is also an exception for financial apps such as banking apps and P2P wallets, which the site says “can have wide visibility in installed apps only for security-based purposes.” We assume that this means scanning for root taps. The new policy also states that “[a]pp inventory data requested from Play-distributed apps can never be sold or shared for revenue generation purposes for analytics or ads. “
Our store, our rules
Using the Play Store as the developer’s interface is a fairly new tactic for Google. Sure, Google has full control over the operating system and can use that control to impose privacy restrictions on all apps, but when you just want to influence some by pushing a restriction on the Play Store apps, Google gives more detailed control over the permissions policy. The Play Store is the only universal Android app store (except China), and it’s the primary place most people get apps, so Play Store rules allow Google to build thicker walls around the fenced garden, while giving developers the opportunity to argue for their individual use cases. If end users do not like the rules, they will receive a page load and alternative app store escape hatch, which you would not get with an OS-based permission restriction.
In addition to this limitation on the app suite, the Play Store also marks several other APIs as “sensitive”, subjecting them to closer scrutiny and requiring some developers to justify their use. Apps that use powerful accessibility APIs, background location APIs, SMS and phone apps, and full file access APIs are all subject to Google’s individual approval.
Other applicable Play Store restrictions include a rolling API-level minimum policy that prescribes new and up-to-date apps that cannot use an API level older than one year. API levels are the most important way Android manages backward compatibility. New restrictions and features for each version of Android usually only apply to apps that are targeted at the API level, so nothing breaks. For example, the permission system only applies to apps that are targeted at API level 23 (Android 6.0) and up – older apps have no permission restrictions. When using maliciously, you can only target an old API level to send an app with more access to the system, but the Play Store policy to only block any submissions at older API levels prevents this.
Today’s limitation is a good example: The Query_All_Packages permission was added to Android 11, so it only applies to apps that target Android 11’s API level, which is “API level 30.” Of course, the Play Store restrictions only apply to apps that are targeted at API level 30 and up, which are probably not many apps right now. Shortly after Android 11 is one year old, though (in November 2021), the Play Store will make API level 30 the minimum API level for updating apps, so the permission and the new restrictions will apply to all apps that are currently maintained in the store.