2 min

Google will prevent Android VPN apps listed on the Play Store from tampering with or restricting advertising beginning in November. The shift may cause issues for privacy applications.

The revised Google Play policy, which was revealed last month, will go into force on November 1. It specifies that only apps using the Android VpnService base class and primarily acting as VPNs can establish a secure device-level link to a remote service.

Such VPNs won’t be able to manipulate advertisements, which might harm app monetization. The limitations appear to be designed to avoid ad fraud and discourage data-stealing VPN providers, such as Facebook’s now-defunct Onavo.

Consequences for ad and tracker blockers

The terms and conditions include that developers must declare the usage of VPN services in their apps’ Google Play listings, encrypt the data from the device to the VPN destination, and adhere to Developer Program Policies, notably those concerning ad fraud, permissions and malware.

Blokada, a Swedish company that develops an ad-blocking VPN app, is concerned that the law may impede its software and other privacy-focused applications.

Reda Labdaoui, marketing and sales manager at Blokada, stated in a forum post last week that Google is cracking down on applications that utilize the VPN service to gather user data or reroute user traffic in order to earn ad revenue.

Policy changes extend to apps that access the service locally

According to Labdaoui, Blokada v6, which was released in June, should be unaffected because it operates on the cloud without breaching Google’s device policies. Other apps, on the other hand, may not be so lucky.

Labdaoui cites the DuckDuckGo privacy browser for Android as a likely casualty of the new Google Play policy. The browser uses a local VPN service to restrict tracker server connections.

DuckDuckGo itself is unconvinced, saying it does not expect the policy to affect its software. The team nevertheless continues to examine the situation, according to a spokesperson’s comment to The Register.

Tip: Google makes developers responsible for privacy-friendly apps