Steer clear of Android Market and its DRM

Google recently made headlines after they identified some malware being distributed through the Android Market. Not only did they stop distributing those apps, but they used their “remote kill switch” to remove the apps from phones where they were already downloaded. This is a kind of Digital Restrictions Management (DRM) that all computer users should avoid.

In this case, the DRM is being used to prevent developers from breaking phones’ security and collecting personal information without authorization. Those are laudable ends, but they don’t justify the means: anyone using the Android Market gives Google the power to remove software from their phones, and Google expressly reserves the right to do so whenever an app violates the Market’s policies. The same functionality is present in Apple’s iPhone and the Amazon Kindle. It’s just as bad here.

This is just one problem that stems from the sad fact that the Android Market is proprietary software. While most of the core Android operating system is free software, many popular apps like Google Maps and Android Market that are included with most Android phones are proprietary. People who want to use an Android phone but avoid these handcuffs need to take extra care to avoid these apps. Fortunately, unlike the iPhone or Kindle, users can install apps like F-Droid, which make it easy to install and update more free software on those phones.

Some people have asked us whether the Market’s DRM makes it impossible to distribute GPLed software through the App Store. It’s an understandable question, since restrictions in other mobile app stores have clashed with the GPL’s terms before. These terms do hurt users’ freedom, but they don’t create a conflict with the GPL specifically. The relevant term in the Android Market Terms of Service is 2.4; it says:

From time to time, Google may discover a Product on the Market that violates the Android Market Developer Distribution Agreement or other legal agreements, laws, regulations or policies. You agree that in such an instance Google retains the right to remotely remove those applications from your Device at its sole discretion.

When we evaluate whether a particular term creates a “further restriction” that could potentially violate the GPL, we’re checking to see whether it restricts the user from exercising a right granted in the GPL. This usually happens one of two ways: either the activity is prohibited outright (e.g., a term says “You may not distribute the software”), or the term places conditions on that activity that don’t exist in the GPL (e.g., a term says “You must pay us a fee when you distribute the software”).

This specific term does neither of those things. The GPL does grant users the right to run and use the software, but this term does not legally, directly restrict that right. Once you have a copy of the software, you can run it wherever you’re able. You’ll even be able to run it on a phone where it was previously banned, if you remove the Android Market first. The term gives Google some control of your phone specifically, but it doesn’t limit your right to use the software generally.

To reiterate: that surrender of control still hurts users. It just does not constitute a “further restriction” under the GPL’s terms. We encourage everyone to avoid using the Android Market because of this. If you’re distributing GPLed software for Android, make sure users can get it outside the Market—either through your own web site, or through repositories like F-Droid.

This article was originally published on Free Software Foundation.

Related Posts

FTC’s New Privacy Report Endorses “Do Not Track” Mechanism to Empower On... This morning, the Federal Trade Commission released its long-anticipated privacy report. The report is the final result of a series of FTC privacy ro...
Building a Distributed, Decentralized Internet – A Roadmap I know that I'm not Patrick, and I don't pretend to speak for anyone but myself here. I just want to say that I share Patrick's belief in the radical ...
Be Confident Storing Information in the Cloud Over the past few years, information explosion has inhibited organizations’ ability to effectively secure, manage and recover data. This complexity is...
Why Ubuntu Business Desktop Remix will be a tough sell Ubuntu Business Desktop Remix is an edition of Ubuntu Desktop tweaked for use by institutional or business users. It was announced by Mark Shuttlewort...
Wikileaks Mirror Taken Down: Host Buckles Under Demands from Upstream Provider Wikileaks isn't the only site struggling to stay up these days because service providers are pulling their support. It appears that at least one perso...
How To Stop Domain Names Being Seized By The US Government As the United States authorities continue with their domain name seizure policy, file-sharing, streaming and link site operators around the world are ...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


2 Comments

  1. SixDegrees

    Nothing stifles creativity and advancement in the software industry quite as effectively as the FSF. If it weren’t for Dick Stallman, Linux would control a significant chunk of market share by now. Thanks to the GPL’s every increasing stranglehold on market freedom, though, we’re stuck with a widely ignored backwater in the OS world.

Leave a Comment

Your email address will not be published. Required fields are marked *

*