December 7, 2022

Google Play rule change bans ad-blocking VPN apps • The Register

In November, Google will ban Android VPN apps in its Play Store from interfering with or blocking advertising, a change that could cause problems for some privacy apps.

The update Google Play Policyannounced last month, will come into effect on November 1. It indicates that only applications using Android VPNService base classand which operate primarily as VPNs, can open a secure tunnel at the device level to a remote service.

These VPNs, however, cannot “manipulate ads that may impact app monetization.”

The rules appear to be intended to deter data-logging VPN services, such as Facebook’s abandoned Onavo, and prevent ad fraud. The T&Cs specify that developers must declare use of the VPN service in their apps’ Google Play listing, must encrypt device data at the VPN endpoint, and must comply with Developer Program policies, in particular those related to ad fraud, permissions and malware. .

Blokada, a Swedish maker of an ad-blocking VPN app, fears the rule will hamper at least the previous iteration of its software, v5, and other privacy-focused software.

“Google claims to be cracking down on apps that use the VPN service to track user data or redirect user traffic to earn money from ads,” Reda Labdaoui, head of marketing and sales at Google, wrote last week. Blokada. a message on the forum.

“However, these policy changes also apply to apps that use the service to filter traffic locally on the device.”

Labdaoui suggests that Blokada v6, which launched in June, shouldn’t be affected because it filters in the cloud without violating Google’s device policies. But other apps may not be so lucky.

Labdaoui points to the DuckDuckGo privacy browser for Android, which creates a local VPN service to make its Application Tracking Protection block connections to the tracking server, as a potential victim of the new Play policy.

DuckDuckGo, however, is unconvinced. “We don’t believe we will be impacted by the policy, but our team continues to review it,” a company spokesperson said. The register in an email.

Another application that could be affected is Giant for Android, which also appears to be using VPN-related code to block trackers.

Google’s policy is not unique. Apple’s iOS App Store includes a similar requirement to use a specific VPN API, named NEVPNManagerwhich is only available to developers who are part of an organization, not individual, unaffiliated developers.

iOS rules state, “You must clearly state what user data will be collected and how it will be used on an app screen prior to any user action to purchase or use the service. Apps offering VPN services may not sell , use or disclose data to third parties for any purpose, and must commit to this in their privacy policy.”

While Apple’s VPN rules don’t specifically address ad interference, it’s likely that the iOS guidelines leave ample room for interpretation that Apple might ban an iOS app that interferes with the operation of other applications, if desired.

Google for years refuse Android apps that block ads in other Android apps (excluding browsers) and its Chrome Web Store understands the language which could be used to disallow ad blocking extensions if Google chose to do so. For example, “We don’t allow content that harms or interferes with the operation of Google’s or third-party networks, servers, or other infrastructure.”

However, Google has argued that it wants to let developers “create safer and more capable ad blockers,” though its pending Manifest v3 transition seems likely to make those extensions less capable.

Google did not respond to a request for comment. ®