In an open letter addressed to Google CEO Sundar Pichai from more than 50 organizations, concerns were expressed about Android vendors’ pre-installing “exploitative” apps, also known as bloatware on the Android phones they sell.
The group of organizations also include nonprofit organization The Tor Project, Amnesty International, Privacy International, Digital Rights Foundation, Google rival DuckDuckGo and more.
Together, they voiced their concerns about user privacy since these pre-installed apps cannot be deleted and come with “privileged custom permissions” that allow them to collect, share, and expose all the private user data without users’ consent or knowledge. Some of the bloatware receive permissions to access the microphone, camera, and location, without a user’s consent.
Android Users Are Vulnerable to Exploits, Private Data Is At Risk
The open letter was signed by 53 organizations, stating their concerns about the vulnerability of users that own an Android smartphone filled with bloatware:
“We are concerned that this leaves users vulnerable to the exploitative business practices of cheap smartphone manufacturers around the world.”
Back in March 2018, an extensive research paper revealed that 91% of the pre-installed apps they had tested weren’t even available on Google Play, although the phones that were used for the tests were protected by Google Play Protect.
Google Can Solve This Issue, The Open Letter Offers Solutions
To solve this issue, Google has been asked to create new rules and restrict Android vendors that preinstall bloatware, and let users permanently uninstall their pre-installed apps. Moreover, they want all those apps that come preinstalled on Android devices to be available on Google Play and adhere to the same rules as others:
- “Individuals should be able to permanently uninstall the apps on their phones. This should include any related background services that continue to run even if the apps are disabled.”
- “Pre-installed apps should adhere to the same scrutiny as Play Store apps, especially in relation to custom permissions.”
- “Pre-installed apps should have some update mechanism, preferably through Google Play and without a user account. Google should refuse to certify a device on privacy grounds, where manufacturers or vendors have attempted to exploit users in this way.”
Among the other organizations, we saw universities, privacy groups, consumer protection bodies, media outlets, and there is also a petition page available for all Android users to sign it and voice their concerns during this campaign.