Given its more open ecosystem, Android has become notorious for the rampant operation of all kinds of malware. Some of those even get past Google’s own scrutiny in reviewing apps for the Google Play Store. Those covertly try to hide their less than innocent behavior but it seems that a certain class of software has been operating out in the open under Google’s nose. Starting today, however, stalkerware apps are banned from the Google Play Store, except in cases when they’re allowed.
Stalkerware is the label given to apps that aren’t exactly Potentially Harmful Apps (PHAs) or malware but still track the owner’s use of a device, often without content or even a simple notification. Also called “spouseware” for their ability to spy on (allegedly) cheating partners, this class of apps can even include parental control and monitoring apps.
That is why when Google announced a new policy to ban stalkerware apps starting October 1 this year, it’s actually making an exception. Apps designed for parental monitoring and enterprise management can still be distributed on the Google Play Store but all of these need to still abide by some rules. They are, for example, required to present a persistent notification that the user is being tracked or monitored.
While a necessary exception to enable parental control and MDM apps to continue working, it could still be a loophole that less conscientious agents will be only too happy to exploit. It might not take much for an app to present itself as such while still be used to spy on other users. Of course, Google has other policies in place against such behavior but it remains to be seen how effective these new rules will be.
There are also updated policies against misrepresentation as well as gambling apps, the latter of which is limited to only a handful of countries. The latter two policies go into effect on October 21 and affected developers only have a grace period of 15 days to take action or be kicked out.