Mobile Unwanted Software
At Google, we believe that if we focus on the user, all else will follow. In our Software Principles and the Unwanted Software policy, we provide general recommendations for software that delivers a great user experience. This policy builds on the Google Unwanted Software policy by outlining principles for the Android ecosystem and the Google Play store. Software that violates these principles is potentially harmful to the user experience, and we will take steps to protect users from it.
As mentioned in the Unwanted Software policy, we’ve found that most unwanted software displays one or more of the same basic characteristics:
- It is deceptive, promising a value proposition that it does not meet.
- It tries to trick users into installing it or it piggybacks on the installation of another program.
- It doesn’t tell the user about all of its principal and significant functions.
- It affects the user’s system in unexpected ways.
- It collects or transmits private information without users’ knowledge.
- It collects or transmits private information without secure handling (for example, transmission over HTTPS).
- It is bundled with other software and its presence is not disclosed.
On mobile devices, software is code in the form of an app, binary, framework modification, etc. To prevent software that is harmful to the software ecosystem or disruptive to the user experience, we will take action on code that violates these principles.
Below, we build on the Unwanted Software policy to extend its applicability to mobile software. As with that policy, we will continue to refine this Mobile Unwanted Software policy to address new types of abuse.
Transparent behavior and clear disclosures
All code should deliver on promises made to the user. Apps should provide all communicated functionality. Apps should not confuse users.
- Apps should be clear about their functionality and objectives.
- Explicitly and clearly explain to the user what system changes will be made by the app. Allow users to review and approve all significant installation options and changes.
- Software should not misrepresent the state of the user’s device to the user, for example by claiming the system is in a critical security state or infected with viruses.
- Don’t utilize invalid activity designed to increase ad traffic and/or conversions.
- We don’t allow apps that mislead users by impersonating someone else (for example, another developer, company, entity) or another app. Don’t imply that your app is related to or authorized by someone that it isn’t.
Example violations:
- Ad fraud
- Social Engineering
Protect user data and privacy
Be clear and transparent about the access, use, collection, and sharing of personal and sensitive user data. Uses of user data must adhere to all relevant User Data policies, where applicable, and take all precautions to protect the data.
All apps must comply with all Google Play Developer Program Policies, including user and device data policies such as User Data, Permissions and APIs that Access Sensitive Information, Spyware, and SDK Requirements.
- Do not request that users turn off, or deceive users into turning off, device security protections such as Google Play Protect. For example, you must not offer additional app features or rewards to users in exchange for turning off Google Play Protect.
Do not harm the mobile experience
The user experience should be straightforward, easy-to-understand, and based on clear choices made by the user. It should present a clear value proposition to the user and not disrupt the advertised or desired user experience.
- Don’t show ads to users in unexpected ways, including ads that impair or interfere with the usability of device functions, or that display outside the triggering app’s environment without being easily dismissible and without adequate consent and attribution.
- Apps should not interfere with other apps or the usability of the device.
- Uninstall, where applicable, should be clear.
- Mobile software should not mimic prompts from the device OS or other apps. Do not suppress alerts to the user from other apps or from the operating system, notably those which inform the user of changes to their OS.
Example violations:
- Disruptive ads
- Unauthorized Use or Imitation of System Functionality