Google recently made headlines after they identified some malware being distributed through the Android Market. Not only did they stop distributing those apps, but they used their “remote kill switch” to remove the apps from phones where they were already downloaded. This is a kind of Digital Restrictions Management (DRM) that all computer users should avoid.
In this case, the DRM is being used to prevent developers from breaking phones’ security and collecting personal information without authorization. Those are laudable ends, but they don’t justify the means: anyone using the Android Market gives Google the power to remove software from their phones, and Google expressly reserves the right to do so whenever an app violates the Market’s policies. The same functionality is present in Apple’s iPhone and the Amazon Kindle. It’s just as bad here.
This is just one problem that stems from the sad fact that the Android Market is proprietary software. While most of the core Android operating system is free software, many popular apps like Google Maps and Android Market that are included with most Android phones are proprietary. People who want to use an Android phone but avoid these handcuffs need to take extra care to avoid these apps. Fortunately, unlike the iPhone or Kindle, users can install apps like F-Droid, which make it easy to install and update more free software on those phones.
Some people have asked us whether the Market’s DRM makes it impossible to distribute GPLed software through the App Store. It’s an understandable question, since restrictions in other mobile app stores have clashed with the GPL’s terms before. These terms do hurt users’ freedom, but they don’t create a conflict with the GPL specifically. The relevant term in the Android Market Terms of Service is 2.4; it says:
From time to time, Google may discover a Product on the Market that violates the Android Market Developer Distribution Agreement or other legal agreements, laws, regulations or policies. You agree that in such an instance Google retains the right to remotely remove those applications from your Device at its sole discretion.
When we evaluate whether a particular term creates a “further restriction” that could potentially violate the GPL, we’re checking to see whether it restricts the user from exercising a right granted in the GPL. This usually happens one of two ways: either the activity is prohibited outright (e.g., a term says “You may not distribute the software”), or the term places conditions on that activity that don’t exist in the GPL (e.g., a term says “You must pay us a fee when you distribute the software”).
This specific term does neither of those things. The GPL does grant users the right to run and use the software, but this term does not legally, directly restrict that right. Once you have a copy of the software, you can run it wherever you’re able. You’ll even be able to run it on a phone where it was previously banned, if you remove the Android Market first. The term gives Google some control of your phone specifically, but it doesn’t limit your right to use the software generally.
To reiterate: that surrender of control still hurts users. It just does not constitute a “further restriction” under the GPL’s terms. We encourage everyone to avoid using the Android Market because of this. If you’re distributing GPLed software for Android, make sure users can get it outside the Market—either through your own web site, or through repositories like F-Droid.
This article was originally published on Free Software Foundation.