google now requires user data to be submitted by developers on android
from solomonschuler@lemmy.zip to privacy@lemmy.ml on 09 Jan 02:37
https://lemmy.zip/post/56624783

<img alt="" src="https://lemmy.ml/api/v3/image_proxy?url=https%3A%2F%2Flemmy.zip%2Fpictrs%2Fimage%2F4a62f686-6cc8-4eb6-a486-7380dc121a98.avif">

I saw this message on obtanium when trying to update arcanechat. Fuck my life I’m so pissed off right now.

#privacy

threaded - newest

Lemmchen@feddit.org on 09 Jan 02:55 next collapse

That’s a) old news and b) not user data

ryper@lemmy.ca on 09 Jan 02:58 next collapse

Google has announced that, starting in 2026/2027, all apps on “certified” Android devices will require the developer to submit personal identity details directly to Google.

The requirement is that developers submit their own personal identity details to Google, not users’ personal identity details. It’s explained on the linked site:

In August 2025, Google announced that starting next year, it will no longer be possible to develop apps for the Android platform without first registering centrally with Google. This registration will involve:

Paying a fee to Google
Agreeing to Google’s Terms and Conditions
Providing government identification
Uploading evidence of the developer’s private signing key
Listing all current and future application identifiers

darcmage@lemmy.dbzer0.com on 09 Jan 03:20 next collapse

Yes this sucks but before we pick up the pitchforks again, let’s just see what comes of this:

While security is crucial, we’ve also heard from developers and power users who have a higher risk tolerance and want the ability to download unverified apps. Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn’t verified. We are designing this flow specifically to resist coercion, ensuring that users aren’t tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands. We are gathering early feedback on the design of this feature now and will share more details in the coming months.

…googleblog.com/…/android-developer-verification-…

eager_eagle@lemmy.world on 09 Jan 03:47 collapse

Providing government identification

I don’t think so, big brother

I’m feeling again a sudden urge to buy a small countryside house and live off the grid

Prove_your_argument@piefed.social on 09 Jan 04:31 collapse

Think they have a database of authentic identification to compare to?

secondly… how are they gonna tackle people sharing accounts? because i’ve met no small amount of devs in general that share accounts, especially if they are servicing clients and have some amount of turnover or the client has stringent yearly training or otherwise has access limits to only one or two accounts.

Finally.. how would they ever know if someone’s identity isn’t stolen? if a person is dead?

Ephera@lemmy.ml on 09 Jan 06:33 next collapse

F-Droid blog post on the topic: f-droid.org/…/google-developer-registration-decre…

It was posted before Google backpedalled somewhat, if I remember correctly.

chgxvjh@hexbear.net on 09 Jan 09:57 next collapse

Developer data, not user data, I believe. Unless this is a new thing. Hard to tell if you submit a screenshot instead of an article URL.

artyom@piefed.social on 09 Jan 22:25 collapse

Kinda old news but glad the word is still getting around.

Google has sort of pulled back on this, although they still haven’t explained exactly how.