Google will ban Android VPN apps from its Play Store in November to disrupt or block ads, a change that could pose problems for some privacy applications.
The updated Google Play policy, announced last month, will take effect on November 1. It states that only apps that use the Android VPNService base class, which act primarily as VPNs, can open a secure device-level tunnel to a remote service.
However, such VPNs cannot “manipulate ads that may affect app monetization”.
The rules appear to be intended to deter data-grabbing VPN services, such as Facebook’s discontinued Onavo, and to prevent ad fraud. The terms and conditions state that developers must declare the use of VPNservice in the Google Play list of their apps, encrypt data from the device to the VPN endpoint, and comply with developer program policies, especially those related to ad fraud, permissions and malware.
Blokada, a Sweden-based maker of an ad-blocking VPN app, fears this rule will at least hinder the previous iteration of its software, v5 and other privacy-focused software.
“Google claims to be cracking down on apps that use the VPN service to track user data or redirect user traffic to monetize advertising,” Reda Labdaoui, marketing and sales manager at Blokada, wrote in a forum post last week.
“However, these policy changes also apply to apps that use the service to filter traffic locally on the device.”
Labdaoui suggests that Blokada v6, which launched in June, should not be affected as it filters in the cloud without violating Google’s device policies. But other apps may not be so lucky.
Labdaoui points to the DuckDuckGo Privacy Browser for Android, which is creating a local VPN service to block its App Tracking Protection tracker server connections, as a potential victim of the new Play policy.
DuckDuckGo isn’t convinced, though. “We don’t believe we are affected by the policy, but our team continues to review it,” said a company spokesperson. The register in an email.
Another app that may be affected is Jumbo for Android, which also appears to use VPN-related code to block trackers.
Google’s policy is not unique. Apple’s iOS App Store includes a similar requirement to use a specific VPN API called NEVPNManager, which is only available to developers who are part of an organization, not to unaffiliated individual developers.
The iOS rules state: “You must make a clear statement about what user data is collected and how it will be used on an app screen before users take any action to purchase or otherwise use the service. Apps that offer VPN services, may not sell, use or disclose data to third parties for any purpose, and must abide by this in their privacy policies.”
While Apple’s VPN rules don’t specifically address ad interference, it’s likely that the iOS guidelines leave plenty of room for interpretation that Apple could ban an iOS app that interferes with the operation of other apps, if it’s so inclined. used to be.
Google has for years banned Android apps that block ads in other Android apps (excluding browsers), and the Chrome Web Store includes language that can be used to ban ad-blocking extensions if Google so chooses. For example, “We do not allow content that harms or disrupts the operation of the networks, servers or other infrastructure of Google or third parties.”
However, Google has maintained that it wants developers to create “more secure and better performing ad blockers”, even though the upcoming Manifest v3 transition seems to make such extensions less suitable.
Google did not respond to a request for comment. ®