We recently published a blog post with our reaction to the new Google Developer Program and how it impacts your freedom to use the devices that you own in the ways that you want. The post garnered quite a lot of feedback and interest from the community and press, as well as various civil society groups and regulatory agencies.
In this post, I hope to clarify and expand on some of the points and rebut some of the counter-messaging that we have witnessed.
Google’s message that “Sideloading is Not Going Away” is clear, concise, and false
Shortly after our post was published, Google aired an episode of their Android Developers Roundtable series, where they state unequivocally that “sideloading isn’t going anywhere”. They follow-up with a blog post:
Does this mean sideloading is going away on Android? Absolutely not. Sideloading is fundamental to Android and it is not going away.
This statement is untrue. The developer verification decree effectively ends the ability for individuals to choose what software they run on the devices they own.
It bears reminding that “sideload” is a made-up term. Putting software on your computer is simply called “installing”, regardless of whether that computer is in your pocket or on your desk. This could perhaps be further precised as “direct installing”, in case you need to make a distinction between obtaining software the old-fashioned way versus going through a rent-seeking intermediary marketplace like the Google Play Store or the Apple App Store.
Regardless, the term “sideload” was coined to insinuate that there is something dark and sinister about the process, as if the user were making an end-run around safeguards that are designed to keep you protected and secure. But if we reluctantly accept that “sideloading” is a term that has wriggled its way into common parlance, then we should at least use a consistent definition for it. Wikipedia’s summary definition is:
the transfer of apps from web sources that are not vendor-approved
By this definition, Google’s statement that “sideloading is not going away” is simply false. The vendor — Google, in the case of Android certified devices — will, in point of fact, be approving the source. The supplicant app developer must register with Google, pay a fee, provide government identification, agree to non-negotiable (and ever-changing) terms and conditions, enumerate all their current and future application identifiers, upload evidence of their private signing key, and then hope and wait for Google’s approval.
... continue reading