Only apps whose core functionality revolves around photos and videos will be able to request users unrestricted access to their photo library, according to the updated Google Play policy announced on October 25.
“We consider core functionality to be the main purpose of an app. This means that the feature that you document in your app description is central to your app working and without it, your app won’t function,” Google explained on its developer support page. “Apps that are photo or video managers and gallery apps are the most commonly eligible apps to use these permissions,” Google added. These apps will have to pass Google’s appropriate access review.
All other apps that need one-time or infrequent access to photos and videos must use a system picker such as the Android photo picker. Such pickers are more privacy-preserving as only the photos and videos that a user selects on the picker are shared with the app.
Why does this matter: Many apps only occasionally require access to photos and videos. For example, for uploading a profile picture or uploading a document to complete a loan application. But these apps nevertheless gain access to the entire photo library of the user when the user gives permission and this access can be misused. The most alarming misuse of photo library permissions has been predatory loan apps that blackmail users with their morphed explicit photos when they fail to repay loans. Google has already restricted such loan apps from accessing photos and videos in a separate policy update that went into effect in June 2023, but the new policy brings privacy protection to all kinds of apps.
“Photos and videos on a user’s device are considered Personal and Sensitive User Data and should be treated with utmost privacy best practices. This sensitive information leaves users vulnerable to leaks or targets of exploitation, so minimizing this access helps avoid the burden on developers of handling such sensitive data.” — Google
When does this policy go into effect:
- Mid-2024: Apps with one-time or infrequent use of photos will have to start using a system photo picker and remove permissions to access the entire library from their app manifest.
- Early 2025: Only apps with broad access core functionality can request access to the entire library.
The new policy will only apply to apps downloaded from the Google Play Store, not to apps downloaded from other app stores or installed using APK files.
STAY ON TOP OF TECH NEWS: Our daily newsletter with the top story of the day from MediaNama, delivered to your inbox before 9 AM. Click here to sign up today!
- Google To Ban Digital Lending Apps From Accessing User Photos, Contacts, Location
- Google To Work With Industry Partners To Take Down Predatory Loan Apps On Play Store
- Google Play Store To Allow Real-Money Games Approved By Self-Regulatory Bodies In India
- Views: Why PhonePe’s Indus Appstore Can Challenge Google Play’s Dominance In India