Google are making some changes to the Developer Program Policy to make it more difficult for apps to see the other apps installed on an Android device. Google considers the full list of apps installed on a device to be sensitive, personal information. As such, the company will limit access to that information. Specifically, Google plans to limit access to the request QUERY_ALL_PACKAGES permission. This permission is required for apps targeting API level 30 and above that want to obtain a list of apps on an Android device running Android 11 or later.
In the future, only apps that have a core functionality that depends on querying the list of installed apps will have access to the QUERY_ALL_PACKAGES permissions. Google says that app developers must sufficiently justify why a less intrusive method of app visibility will not sufficiently enable your app’s policy-compliant user-facing core functionality.”
Apps that fail to meet the requirements set out by Google must have the permission removed from the manifest to adhere to the Play Policy. Even when apps meet the requirements for the permission, the app developer must sign a declaration form in the Play Console to get approval. Failing to submit the form and failure to meet the policy requirements could mean an app is removed from the Google Play Store.
The new changes come into effect on May 5th, 2021. The policy is a welcome change for privacy advocates as it makes it harder for apps to spy on what you have on your device. The information can be used for targeted advertising or malicious purposes.
Google currently requires apps that request SMS information and Call Log permissions to sign a declaration form before being published to the store. This new change to app package visibility is one of the most recent steps Google has taken to preserve user privacy.