So long, Statistexts
Google Play Policy Updates and Unpublishing Statistexts
The Problem
About a month and a half ago (October 08, 2018), Google updated their Developer Program Policies and mentioned the updates in the a blog post. The overall gist is that Google wants to ensure users have a safe and secure experience and stop developers from potentially abusing the SMS and Call Log permissions groups. Personally, I am on the fence about these actions. I think that the user should be able to decide which permissions to allow or disallow rather than having the Play Store manage this but at the same time, many users just click accept when they are prompted to allow a permission even if no use case has been explained.
I wasn’t immediately notified that I did need to take action, however. Normally, I don’t actively monitor the developer blog directly and only learned of the issue when the developer for Tasker, an automation app, made this post on the Tasker subreddit and cross-posted it to /r/androiddev around November 11th. At first I wasn’t actually sure whether or not this applied to Statistexts since I had not received any correspondence from Google in my developer inbox but I decided to fill out the Permissions Declaration Form just in case. Statistexts’s use case wasn’t listed in either any of the lists (Intended uses, Exceptions, or Invalid uses) on the Play Console help page about the use of SMS and Call Log permissions, so I figured if I argued my use case well enough, it might get a pass.
Statistexts
For those that are unfamiliar, Statistexts is an application that I created in order to analyze text messages and provide information such as how quickly your contacts text you back. More information about its feature can be found at its website which I probably won’t take down (at least for a long while). It’s been my pet project for quite a long time and was actually my first Android development project. My first release for version 1.0 was on May 14, 2015 but the first commit on the project was in December 2014. I had actually had the idea a few months prior but didn’t know the first thing about mobile development at the time.
Since v1.0, a lot has happened in regards to my skills as Android developer. I graduated college and have worked two separate Android development jobs professionally. I think I’ve grown quite a bit as developer in that time and Statistexts has been my toy project the entire time. Any time I was interested in a newly popular architectural pattern (which seems like is every few months on Android), I would try it out by by basically rewriting Statistexts. When I learned new things, I would try to incorporate them in order to solidify my knowledge. I’ve probably rewritten some of the files dozens of times. It’s not the perfect application and doesn’t have the world’s best UI but I was working on it and I would be lying if I said I wasn’t attached to it.
Application Results
A few days after I put in my application for an exception, I saw the Tasker dev post this update saying that they were in touch with Google’s policy team and people were actually looking at the Permission Declarations applications and weren’t just auto-rejecting them, which was pretty reassuring. Shortly thereafter, new listings were added to the exceptions list on the help page including Task Automation, meaning that Tasker should be in the clear and everything will work out for them. Unfortunately, a few new items were added in the “Invalid uses” list as well (or perhaps I had missed them the first time?) included Contact prioritization and social graphs. I’m not 100% sure, but I think Statistexts falls into the social graph category so I thought that I might be out of luck.
A week or so after I first submitted my Permissions Declaration Form, I received an email with the results which stated “We evaluated your declared feature Analysis of Text Messaging, however we determined it is not eligible for exceptions.” Funnily enough, later the same day was the first time I was officially notified by Google that I had to comply in the first place which was over a month after the policy change in the first place.
The deadline for compliance is January 9, 2019 at which time offending applications will be removed from the Play store. At this point, I was faced with only 2 options : Submit a new permissions declaration form or unpublish Statistexts voluntarily. There is technically a third option which involves removing the SMS permissions that Statistexts uses but since that is its only feature, this option is no good. Because the email declining my permissions form was so vague, I wasn’t actually sure what intended use they were categorizing my app into. Further, I’ve been a bit busy lately on other projects so I don’t have time to change my app drastically enough to force it into another group such as ‘Task Automation’ or ‘Backup and restore’ so I decided that it would probably be best to just unpublish Statistexts.
Consequences
Luckily, I actually have a day job in which I do Android Development. If my own personal apps were my only source of income, this would be a huge blow to me. Fortunately, monetizing Statistexts never really worked out so I turned off ads completely after I’d only received a little over $7 in ad revenue in a year or so. My app has a small enough user base that I never even had the option to quit my day job and focus on it solely. Which is somehow a good thing now, oddly enough.
Although things have worked out for Tasker and multiple other developers, I’m sure there are those affected that will fall into the same ‘Invalid uses’ category that I have after years of maintaining their actually profitable applications. They won’t be as lucky as me and might actually make a living off of their applications and this will be a big issue for them. Of course, we can list our apps elsewhere such as the Amazon Appstore or even Fdroid if we decided to open source but these platforms have many less users and will be much less profitable. Google has a virtual monopoly on Android application distribution and although it might not be a bad thing per se, it means that at any point Google can change the rules as they see fit. Statistexts has been in the clear for almost 4 years at this point and although the user base is pretty small, the users have seemingly liked the application’s features. Now policy updates will force it and many other apps to be delisted.
This leads me and others to start asking some questions. What happens in the future? Will other permissions be removed later on? I’m currently working on a new application for creating notifications. Should I hesitate when adding new features if they will require new permissions? I’m not sure. I want to be able to build cool new things using existing permissions and know that they will be safe from this kind of thing in the future, but I think right now that’s pretty hard to guarantee.
I will be removing Statistexts from the app store in early January, but until then it will remain available on its Google Play page. In the coming months I will decide whether I keep updating it and if I do where I will distribute it. I’m also considering open sourcing it since I’ve always wanted to try that out. Going forward, I’ll continue to worry about what features are safe to add in new apps and the precedent that Google’s actions are setting. At least I learned A LOT working on Statistexts over the years and some users found it helpful. That’s about all I could hope for as a developer.
So long, Statistexts, and thanks for everything
