More than 50 organisations have asked Google to take action against Android vendors who pre-install “exploitative” apps aka bloatware on their devices. In an open letter submitted to Google CEO Sundar Pichai, the group of organisations that include search engine company and Google rival DuckDuckGo and nonprofit organisation The Tor Project have shown their concerns over vulnerabilities that users face due to pre-installed apps that cannot be deleted and collect, share, and expose their private data without prior knowledge or consent.
The signees have highlighted that pre-installed apps can come with “privileged custom permissions” that allow them to operate outside the default security model provided by Android.
“We are concerned that this leaves users vulnerable to the exploitative business practices of cheap smartphone manufacturers around the world,” the signees wrote in the open letter that has been signed by a total of 53 organisations.
The letter also cites a research conducted by experts back in March 2018 that showed as much as 91 percent of all tested pre-installed apps weren’t available on Google Play, despite the fact that the phones used for testing had Google Play Protect for security.
Google have been asked to impose new rules on Android vendors to restrict bloatware. The organisations in the letter urged Pichai to let individuals permanently uninstall the apps on their phones and bring pre-installed apps adhere to the same scrutiny as the apps available for download through Google Play. Further, they have mentioned that pre-installed apps should have update mechanism through Google Play without a user account, and Google shall refuse to certify a device on privacy grounds where it find manufacturers or vendors have attempted to exploit users through bloatware.
“We, the undersigned, believe these fair and reasonable changes would make a huge difference to millions of people around the world who should not have to trade their privacy and security for access to a smartphone,” the signees said in the letter.
The group of signees include various universities, privacy groups, consumer protection bodies, and journalism organisations. It is led by London-based charity Privacy International. Moreover, a petition page has been provided to let individuals and smartphone users add their voice to the campaign by signing up a petition.