Parental control app Boomerang repeatedly blocked from Play Store, losing business – ProWellTech
Apple isn’t the only one accused of launching competitive solutions from its App Store. Google has done the same – at least for over a month – or so claims Boomerang, a parental control app maker. The company’s product competes with Google’s Family Link solution for controlling the viewing time and use of mobile devices by children. The company claims that Google has repeatedly removed its application from the Play Store for a variety of problems, including violations of Google’s “Misleading Policy” which refers to users’ inability to easily remove the application from their own. Android device.
The problem in itself is complicated and an indication of how poor developer communication processes can make an existing problem worse, leading developers to complain of anti-competitive behavior.
Like Apple, Google also has a set of rules that developers must agree to publish apps on the Google Play Store. The difficulty is that these rules are often applied randomly or irregularly, requests for appeals are accepted without automated answers or responses, and in the end, there is no way for a developer to reach out to a human being and have a real discussion. .
You can remember a similar situation involving screen time apps affecting a group of screen time app producers last year. Apple suddenly removed a number of third-party screen control and parental controls apps, shortly after introducing its Screen Time solution in iOS 12. The company’s move was introduced during last week’s antitrust hearings. in Congress, where Apple CEO Tim Cook insisted Apple’s decision was due to the risk to users’ privacy and security caused by these apps.
The case with Boomerang it’s not that different. A developer is expelled from the Play Store and seems to have no way to intensify the appeal to a real human being to further discuss the nuances of the situation.
The ban on the boomerang
To begin with, we recognize that it makes sense that the Play Store has a policy against apps that are difficult to uninstall, as this would allow for a variety of malware, spam and spyware applications and will torment users.
However, in the case of a parental control solution, the reality is that parents don’t want their children to have the option to simply uninstall the program. In fact, Boomerang added the feature based on parental user feedback.
Google itself puts Family Link controls behind a parental PIN and requires parents to sign in to their Google account to remove the child’s account from a device, for example.
Boomerang’s app required a similar course of action. In “Parent Mode”, parents activate a switch that says “prevent uninstalling the app” in the app Settings to make protection on the child device non-removable.
But despite the obvious use case provided here, the Boomerang app has been repeatedly marked for the same reason “unable to uninstall the app” from the Play Store app review process when it sent updates and bug fixes.
This started on May 8, 2020 and took over a month to resolve. The developer, Justin Payeur, filed the first appeal on May 11 to check if the ban had just been activated by Google’s “app review robots”. On May 13, the app was re-approved without any human response or feedback to the appeal message it sent to Google.
But then on June 30 Boomerang was again reported for the same reason: “unable to uninstall the app”. Payeur presented a second appeal, explaining that the function is not active by default: this is where parents can use it if they wish.
On July 6, Boomerang had to inform users of the problem, as they were increasingly frustrated by not being able to find the app on Google Play. In an e-mail from the customer who did not mince the words, Boomerang wrote: “Google has become evil.” Complaints from users say that if the app didn’t offer the “prevent uninstall” feature, it wouldn’t be worth using.
On July 8, Boomerang received a response from Google with additional information, explaining that Google does not allow apps that change the user’s device settings or features external to the app without the user being aware of it. In particular, he also mentioned the use of the “Google Accessibility Services API” app in order to violate the terms of the Play Store. Google said the app would not be approved until it removed the functionality that prevented a user from removing or uninstalling the app from their device.
This requirement, although rooted in user safety, disadvantages parental control apps compared to Google’s Family Link offer. As Google’s help documentation indicates, removing a child’s account from an Android device requires parents to enter a passcode: it cannot simply be uninstalled by the end user (the child).
Boomerang later that day received a second infringement notification after modifying the app to be explicitly clear to the end user (the son) that the device administrator (a parent) would have been allowed to control the device, mimicking other apps that Boomerang said were still active on Google Play.
After two more days of no response from the appeals team, Boomerang requested a phone call to discuss. Google sent a short email, saying it was merging the two active appeals into one, but no other information was provided on the appeal.
On July 13, Boomerang was informed that Google was still looking into the app. The company replied again to explain why a parental control app would have such a function. On the same day, Boomerang was notified that previous versions of his app in the internal test area in the Play Console were rejected. These versions were never published live, the company says. Refuse indicated that Boomerang was “degrading device security” with its app.
The next day, Boomerang informed his user base that it may be necessary to remove the desired function and sent an email again to Google to emphasize again that the app now includes clear consent.
Despite not making any changes, Google reports Boomerang on July 16 in violation of the “Abuse of Elevated Privileges” section of the Google Play malware policy. On July 19, the company removed the app’s additional protection feature, and on July 21, Google again rejected the app for the same violation, due to a feature that had been removed.
Despite repeated emails, Boomerang did not receive any messages from Google until an automated email arrived on July 24th. Again, Google did not send any response to emails in which Payeur explains that the violation feature had been removed. Even emails repeated until July 30 were not answered.
After hearing about Boomerang’s problems, ProWellTech asked Google on July 27 to explain their reasoning.
The company, after a few follow-ups, told ProWellTech on August 3 that the problems with Boomerang – as Boomerang’s emails later said – were related to how the app implemented its features. Google doesn’t allow apps to abuse “elevated privileges”. And it doesn’t allow apps to abuse Android accessibility APIs to interfere with basic operations on a device.
Google also said it doesn’t allow it whatever app to use the same mechanism as Boomerang, including that of Google. (Of course, Google apps have the advantage of deep integrations with the Android operating system. Developers can’t tap into some sort of “Family Link API”, for example, to get a similar ability to control a child’s device. )
“We recognize the value of supervising apps in various contexts and developers are free to create this experience with adequate guarantees,” said a Google spokesman.
More generally, Boomerang’s experience is similar to that of iOS apps for parental control passed last year. Like those apps, Boomerang also came up against security protection designed to protect an entire app store from offensive software. But the general rule leaves no room for exceptions. Google, meanwhile, claims that its operating system security shouldn’t be “circumvented” in this way. At the same time, however, it offered no official means of interacting with its operating system and parental screen / time control functions. Instead, alternative screen time apps need to figure out how to basically hack the system to exist in the first place, although there is a clear consumer demand for their offerings.
The particular case of Boomerang also reveals the complexities related to having or dying a business for the vagaries of an app review process.
It’s easy enough to argue that the developer should have simply removed the feature and moved on, but the developer seemed to believe that the functionality would be fine, as demonstrated by previous approvals and approval received on at least one of his appeals. In addition, the developer has an incentive to fight for the feature because it’s something that users have said they want – or rather, what they asked for, to make the app worth paying.
If someone from Google had just picked up the phone and explained to Boomerang what was wrong and what alternative methods would have been allowed, the case may not have dragged on this way. In the meantime, Boomerang has probably lost user trust and its removal has certainly affected its business in the short term.
Reached for a follow-up, Payeur expressed continued frustration, despite the app being re-approved for the distribution of the Play Store.
“It took more than a month for Google to provide us with this feedback,” he said, referring to the prohibited use of APIs which was the real problem. “We are currently digesting this,” he said, adding how difficult it was to not be able to talk to Google teams to get proper communication.ication and feedback in the past few weeks.
Boomerang has started collecting the names of other apps with similar impact, lile Filter Chrome, Minder Parental Control and Netsanity. The company claims that other apps can contact privately to discuss, if they prefer.