I updated my application and submitted it to Google for publication on the Play store. Google wants me to fill in a Permissions Declaration form for coarse location permissions. Coarse location permission appears to be required by blue tooth communications for a reason not understood by me.
My application itself does not use any location information. I am trying to fill out the declaration as best I can but it is also requiring a 30 second video targeting consumers letting them know what and why location is being used.
Does anyone have insight into how to explain this to consumers?
Related
Our app for navigation: minSdkVersion 21, targetSdkVersion 30. We have no services in the background, we remove our updatelistener in onPause() and we request only location permission ACCESS_FINE_LOCATION and ACCESS_COARSE_LOCATION, so we should never be even able to use a location in the background. So far the theory. In the App COntent section we indicated we indeed don't use locations in the background and there the questionnaire does not continue, as the interaction flow ended there successfully.
But Google just removed our app from the Play store as it believes it is violating the policy about using the device location in the background. The Developer Permission Declaration in de Play store has a Sensitive App Rights section mentioning "Location rights: not used in the background".
In interaction with Google - very cumbersome - we got this after weeks:
We found that your app is not compliant with the Location Permissions policy, or we were unable to review and verify your in-app experience for compliance with this policy.
If you have determined that your app does not require location in the background, complete the following steps to remove background usage and reach compliance:
For any APK targeting Android 10 or newer (SDK level 29 or higher):
Remove the ACCESS_BACKGROUND_LOCATION permission from your app APK or app bundle
[If minimum SDK level is 28 or lower] If you’re using ACCESS_COARSE_LOCATION or ACCESS_FINE_LOCATION, examine your code paths and restrict usage to foreground purposes only (learn more)
You should no longer see the Location declaration listed under App Content
For any APK targeting Android 9 or older (SDK level 28 or lower):
If you’re already using ACCESS_COARSE_LOCATION or ACCESS_FINE_LOCATION, examine your code paths and restrict usage to foreground purposes only (learn more)
In your console declaration, select “No” to the question “Does your app access location in the background in APKs or app bundles targeting Android 9 or older?”
We believe we did exactly that. ANy interaction over email takes days and always goes into a loop, back to square one.
Our questions:
Could it be that the MapBox library 6.6.0 uses locations in the background? We don't call their code to initialize any fetching of locations, as we update the map position ourselves.
Is there any way of determining where the violation - if at all - takes place?
Any other improvements that may help?
One month ago Google Play Console rejected my latest update and said that it is not compliant with the location in the background policies.
More precisely, the google email reports " If your app is not eligible to access location in the background or does not meet requirements for accessing location in the background, please remove the permission from your manifest and in-app functionality."
I used the background location permission for scanning BLE in ionic app (https://github.com/don/cordova-plugin-ble-central ).
I removed the background location permission (ACCESS_BACKGROUND_LOCATION) from cordova plugin because, after some test, is effectively not really necessary. However, are necessary other location permission (ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION) so I would like to know if is equally necessary to display a prominent disclosure through a pop-up alert before my app’s location runtime permission.
I tried to send an issue ticket to google developer support on April 14th, but I have not received a reply.
If you target Android API version 28 or lower, ACCESS_FINE_LOCATION and ACCESS_COARSE_LOCATION implicitly implies background location permission and you must hence follow all the rules for that.
If you target Android API version 29 or higher and do not have ACCESS_BACKGROUND_LOCATION in your manifest, you will automatically comply to Google Play's background policies (since you are then not affected by them).
I have currently some troubles to make my app comply with the new "Google Background Location Policy".
Here is my situation :
My application is targeting Android Api 22 and Up
I have the following permissions required in my app : ACCESS_FINE_LOCATION
I need this permission to display the User position in a Map while the app is in Foreground and for Bluetooth Low Energy usage
I do not fetch location while the app is in Background
I don't understand how to setup the Google Play Console.
The only cases I can see are the following :
My application use location and is available starting from API 29, but do not require the ACCESS_BACKGROUND_LOCATION permission.
My application don't use Location and don't have any *_LOCATION permissions.
I am missing the case where :
My Application is available starting from API 22, So I don't have the ACCESS_BACKGROUND_LOCATION permission. But my app requires location permission in foreground and uses Bluetooth, so I need the ACCESS_FINE_LOCATION permission. I never request location in the background.
I guess the application already comply with the "Background Location Policy" since the app only fetch the location in foreground.
However my apps updates are always rejected due to this policy, so I am a little bit confused.
Why my app do not comply ?
Is it only because I have the permission ACCESS_FINE_LOCATION present in my app, and by default Google assume that the app request location in background ?
Do I need to restrict my app to Android 9 and older, in order to not get stuck with the automatic attribution of ACCESS_BACKGROUND_LOCATION permission?
Do I need to fill the Background Location Permission form in the Google Console and explain that I do not access location in the background ?
Something else ?
Thanks for your feedback on it.
try submitting and say you dont use background (declare foreground usage)
Probably you're requesting location update on a Service (even a foreground service)
This is kind of automatic scan from google.
Your app is targeting below API 29, uses ACCESS_FINE_LOCATION permission
is same with targeting API 29 and above and uses ACCESS_BACKGROUND_LOCATION
In my case, Google needed a video showing that the prominent disclosure was being displayed before requesting the runtime permission. The video needs to be uploaded to, say, YouTube and included in the Google Play console under App content->Permission declarations form->Video instructions. You also need to explain what triggers the request for background location permission.
Our app is trying to follow the new Designed for Children policy, which requires not requesting location permissions: https://support.google.com/googleplay/android-developer/answer/9893335?hl=en
We require bluetooth, and request location permissions in order to connect to bluetooth. In order to not have our app removed from the play store, we are supposed to remove the location permission request and switch to CompanionDeviceManager. However, CompanionDeviceManager is only available in API 26+, and we have many users on older versions.
Is there a way for us to release a different APK for phones on 25- vs on 26+? Does the Play store have any support for this, or would we have to basically maintain 2 separate apps on the play store? I know that you can usually branch in the source code based on version, but I haven't seen that it's possible to branch on what permissions are in the manifest.
I'm not entirely certain how this interacts with the Designed for Children policy, but there's actually a much easier way to target permissions to specific SDK versions than creating multiple APKs: the android:maxSdkVersion property on the <uses-permission> tag. You could simply set android:maxSdkVersion="25" on the location permission, and your app should no longer ask for that permission on API 26+.
Now that Android 6.0 becomes more popular among users, I've asked myself what the consequences of the selective permission granting are.
Let's assume I had a free ad-supported version of an app. It will obviously need internet permission to query ads. Now the user is able to deny that permission and apps could not be queried. The consequence I am thinking of is to deny app function if not all the permissions are granted. But this would make the permission model pointless for my app. It would be an "all or nothing" scenario. Is that thinking correct? I am interested in your thoughts.
Another thought I had was: Is the permission of internet access granted to AdMob automatically, by any chance? This would prevent users from disablings ads simply by takingvaway the internet permission. As AdMob is a Google company and this functionality is implemented in the Google Play Services, I guess that could be possible?! Any thoughts on this?
Let me know what you think.
Update: Admob also wants to have Location Info. So even though Internet does not need permission, the question still is interesting.
#mad: in android 6.0, your app never ask your to allow internet permission. because internet not part of user's privacy in android 6.0
(in sort user not able to deny internet permission) only on/off internet from device!
so don't worry about it. you app work same in android 6.0 as previous version of android.
you have to ask user for permission only if you are using, CAMERA, CONTACTS, LOCATION, MICROPHONE, Phone, STORAGE ...etc..
LOCATION: when you fetch location from your app and pass to any 3rd party app. in this case you must have to ask user to allow location permission. otherwise its not needed like Google Play service or In-App Purchease.(both fetch user location where app installed or product purchase but when we use both library in our app we must not have to ask location permission).