The F-Droid team recently published an open letter to Google, signed by 35 organizations, that expresses grave concern about what this change will mean for Android as a platform, but Google seems locked into its course of action. Even if a big chunk of independent developers boycott verification, Google may still plow ahead.
On an individual basis, there’s not much you as an Android user can do. You might be stuck letting Google police your apps, and you may not even think about it most days. That is, until you get stuck trying to install an app from someone else’s store without a reliable Internet connection or discover an open-source app you want to use is not verified.
Some developers may simply decide to abandon Android development, too. Nathan Freitas of the Guardian Project notes that the mobile web has gotten much better for developers in recent years. “We have moved a lot of our projects to progressive web apps because they can do more now,” said Freitas. “It’s like, ‘Can we do this in a browser?’ If so, then yes.”
Using more web apps could help, but the only way to truly opt out of Google’s verification system is to get off of Google’s version of Android. While there are some non-certified Android phones out there, such devices are usually rife with security vulnerabilities. So that doesn’t solve the problem. Installing a privacy-protecting alternative Android-based OS (sometimes called ROMs) like LineageOS or GrapheneOS could work. This gives you full control over the software running on your phone, but it’s getting harder to customize phones this way.
F-Droid’s Marc Prud’hommeaux sees Android ROMs as a very implausible solution to keeping open-source projects alive. Installing these software packages is beyond the abilities of most people, and device makers don’t exactly make it easy with locked-down products. “Every phone that you get is Android-certified, and many of those phones have locked bootloaders,” said Prud’hommeaux.
To a certain degree, these restrictions are inevitable for devices that connect to mobile networks. “The harm goes back to the telecoms and the mobile operators,” said Freitas, who explained that carriers have certain expectations and requirements for any baseband radio on their networks. “This thing has to work like a phone, and so we can’t just let it be a Wild West as a computer.”
If you can’t unlock the bootloader on your phone, you’re stuck with the stock software and any security changes implemented by Google and the device maker. And increasingly, it looks like they’re going to decide you need protection from yourself.