Consumer Rights Wiki - User contributions [en]

Google Android restrict app sideloading

2025-10-29T11:38:28Z

SciaIsHere: Updated article with new information

{{OngoingEvent}}
On 25 August 2025, '''[[Google]]''' announced that starting in 2026, the company will block the installation of Android apps from outside the Play Store unless the developer has verified their identity with Google. The policy will first roll out in Brazil, Indonesia, Singapore, and Thailand in September 2026 with global enforcement targeted for 2027.<ref name=":0">{{Cite web |last=Frey |first=Suzanne |date=25 Aug 2025 |title=A new layer of security for certified Android devices |url=https://android-developers.googleblog.com/2025/08/elevating-android-security.html |url-status=live |access-date=25 Aug 2025 |website=Android Developers Blog}}</ref><ref name=":1">{{Cite web |last=Perez |first=Sarah |date=25 Aug 2025 |title=Google will require developer verification for Android apps outside the Play Store |url=https://techcrunch.com/2025/08/25/google-will-require-developer-verification-for-android-apps-outside-the-play-store/ |url-status=live |access-date=25 Aug 2025 |website=TechCrunch}}</ref> This marks a significant change to Android's long-standing support for sideloading apps and has sparked debate among developers, consumers, and digital rights advocates.<ref name=":2">{{Cite web |last=Anderson |first=Tim |date=2025-08-26 |title=Google kneecaps indie Android devs, forces them to register |url=https://www.theregister.com/2025/08/26/android_developer_verification_sideloading |url-status=live |archive-url=https://web.archive.org/web/20250829170329/https://www.theregister.com/2025/08/26/android_developer_verification_sideloading |archive-date=2025-08-29 |access-date=2025-08-26 |website=The Register}}</ref><ref name=":3">{{Cite web |first= |date=26 Aug 2025 |title=Google will block sideloading of unverified Android apps starting next year |url=https://www.bleepingcomputer.com/forums/t/810335/google-will-block-sideloading-of-unverified-android-apps-starting-next-year |url-status=live |access-date=26 Aug 2025 |website=BleepingComputer}}</ref>

==Background==
The open-source Android operating system has historically allowed [[sideloading]], the installation of apps from outside the Google Play Store. Users would need to enable "unknown sources" in their device settings to make this possible. This level of openness distinguished Android OS from Apple's restrictive iOS that does not allow sideloading. Alternative android app stores, such as F-Droid, Amazon's Appstore, and web downloads from sites like APKMirror, thrived under this model.<ref>{{Cite web |last=Thomas |first=Dallas |date=14 Sep 2024 |title=The Wild West days of sideloading on Android are officially over in this week's news |url=https://www.androidpolice.com/weekly-android-news-roundup-september-14-2024/ |url-status=live |access-date=25 Aug 2025 |website=Android Police}}</ref>

Over time, Google introduced restrictions to the open-source operating system citing security concerns. In 2023, Google began requiring Play Store developers to verify their identities in order to reduce "impersonation and malware."<ref name=":0" /> Android versions 13 and 15 further limited what sideloaded apps could do, blocking access to sensitive permissions for apps not installed through Google's channels.<ref name=":4">{{Cite web |last=Rahman |first=Mishaal |date=25 Aug 2025 |title=Google wants to make sideloading Android apps safer by verifying developers' identities |url=https://www.androidauthority.com/android-developer-verification-requirements-3590911/ |url-status=live |access-date=26 Aug 2025 |website=Android Authority}}</ref> These steps appear to have laid the groundwork for Google's new, broader enforcement.

==Timeline==
On 25 August 2025, Google announced that '''apps can only be installed on certified Android devices if their developers have verified their personal identity with Google'''.<ref name=":0" /> Developers must register through a new Android Developer Console, pay a one-time $25 fee (except for hobbyists or students, who will have a separate free path), and provide identifying details such as legal name, address, and government-issued ID.<ref name=":1" /><ref name=":2" /> Apps must also be registered with their signing keys to prove ownership.<ref name=":2" />

The rollout will proceed in stages:

*'''October 2025:''' Early access program for select developers.
*'''March 2026:''' Verification opens for all developers worldwide.
*'''September 2026:''' Enforcement begins in Brazil, Indonesia, Singapore, and Thailand.<ref name=":0" />
*'''2027:''' Targeted global rollout, eventually covering nearly all certified Android devices.<ref name=":0" /><ref name=":1" />

The new system applies to certified Android devices which are phones and tablets that ship with Google Mobile Services (e.g., Pixel, Samsung, Xiaomi). Devices running uncertified AOSP builds or custom ROMs (e.g., GrapheneOS, LineageOS) are not subject to this restriction.<ref name=":2" /> However, uncertified devices often face their own sideloading and app compatibility due to SafetyNet/Play Integrity checks.<ref name=":2" />

==Google's response==
Google framed this new policy as a necessary security measure to reduce malware, fraud, and impersonation. The company stated that malware is "50× more common outside the Play Store" and that anonymity allows bad actors to evade accountability.<ref name=":0" /><ref name=":2" /> Suzanne Frey, VP of Product for Android, likened the change to an ID check at the airport: verifying who the developer is without inspecting app content.<ref name=":0" />

Google emphasized that it will not review or police apps distributed outside the Play Store for content, only verify developer identities.<ref name=":0" /><ref name=":1" /> Google's move gained support from some industry and institutions, including the Developers Alliance, Brazil's banking federation FEBRABAN, and Indonesia's Ministry of Communication and Informatics, all of which praised the move as protecting users from fraud.<ref name=":0" /><ref name=":1" />

As backlash mounted, Google took steps to clarify the changes. In late September 2025, an Android Developers Blog Q&A by Android security director Matthew Forsythe reiterated that sideloading is "fundamental to Android" and "absolutely not" going away, stressing the policy's focus on verifying developer identities rather than limiting user choice.<ref name=":7">{{Cite web |date=2025-09-30 |title=Let's talk security: Answering your top questions about Android developer verification |url=https://android-developers.googleblog.com/2025/09/lets-talk-security-answering-your-top.html |url-status=live |access-date=2025-10-27 |website=Android Developers Blog}}</ref> Google assured developers that common workflows remain unaffected; for example, installing test apps via '''ADB''' (Android's debugging tool) will not require verification.<ref name=":7" /> The company also introduced a free "'''limited distribution'''" developer account as well as a new Android Developer Console for students, teachers, and hobbyists, allowing them to publish apps without paying a fee or providing government ID.<ref name=":7" /><ref name=":8">{{Cite web |last=Rahman |first=Mishaal |date=2025-10-02 |title=We finally know how Android's new app verification rules will actually work |url=https://www.androidauthority.com/how-android-app-verification-works-3603559/ |url-status=live |access-date=2025-10-28 |website=Android Authority}}</ref> However, these accounts come with significant app distribution restrictions, namely a strict cap on the number of devices that can install their apps. To enforce this restriction, any user of a hobbyist app must retrieve a unique device identifier, and the developer must whitelist that device in the Android Developer Console before the app can be installed.<ref name=":8" /> This two-way device registration limits "free tier" apps to a small, known group of people, whereas anyone aiming to reach a broad audience will need to upgrade to a fully verified paid account.<ref name=":8" />

Google also detailed how the verification enforcement will work. A new system service called the '''Android Developer Verifier''' will check each app at installation to confirm its package name and signing certificate are registered with Google.<ref name=":8" /> Common apps from verified developers can be installed offline thanks to a cached on-device list, but an active internet connection will be required to verify less common apps that aren't in the cache.<ref name=":8" /> To accommodate third-party app stores, Google is developing a "'''pre-auth token'''", a cryptographically signed blob that an alternative app store can pass to the system to pre-verify apps without repeated network calls.<ref name=":8" /> Enforcement of these rules will debut in '''Android 16 QPR2''' (the second quarterly update of Android 16, expected in late 2026), and Google will also update Play Protect on older Android versions to implement similar checks via Google Play Services.<ref name=":8" /> Notably, Google is carving out exceptions for enterprise scenarios: apps deployed through enterprise mobile management on managed work devices will install without developer verification (the assumption being that an organization's IT admin is taking responsibility for those apps' safety).<ref name=":8" /> However, truly offline use cases may prove tricky. Google has noted that entities with devices kept entirely off the internet will need to "determine for themselves" how to handle verification requests (i.e. such devices must periodically connect online to update the trusted app list).<ref name=":8" />

==Consumer response==
The announcement sparked backlash in online communities. On [[Reddit]], users accused Google of gradually eroding Android's openness.<ref name=":5">{{Cite web |date=26 Aug 2025 |title=Google will block sideloading of unverified Android apps starting next year |url=https://www.reddit.com/r/Android/comments/1n0f5zt/google_will_block_sideloading_of_unverified/ |access-date=26 Aug 2025 |website=[[Reddit]]}}</ref> Many argued that Android is becoming indistinguishable from iOS, with some stating that they may switch to operating systems from Apple or Linux since Android's openness was its key advantage.<ref name=":5" /><ref>{{Cite web |last=Schenck |first=Stephen |date=27 Aug 2025 |title=With developer verification, I'm struggling to think of Android as a proper smartphone platform |url=https://www.androidauthority.com/android-developer-registration-3591988/ |url-status=live |archive-url=https://web.archive.org/web/20250828113543/https://www.androidauthority.com/android-developer-registration-3591988/ |archive-date=28 Aug 2025 |access-date=28 Aug 2025 |website=Android Authority}}</ref>

Independent developers raised concerns that hobby projects or sensitive apps (e.g., protest tools, ad-blockers) would be stifled since not all creators are willing to submit government IDs to Google.<ref>{{Cite web |date=25 Aug 2025 |title=Google will allow only apps from verified developers to be installed on Android |url=https://news.ycombinator.com/item?id=45017028 |url-status=live |access-date=26 Aug 2025 |website=Hacker News}}</ref><ref name=":6">{{Cite web |date=26 Aug 2025 |title=Google wants to verify all app developers' identities |url=https://discuss.grapheneos.org/d/25235-google-wants-to-verify-all-app-developers-identities |url-status=live |access-date=26 Aug 2025 |website=GrapheneOS Discussion Forum}}</ref> Open-source communities, including GrapheneOS developers, argued this would discourage FOSS development and give Google exclusive control over Android's ecosystem.<ref name=":6" /><ref>{{Cite web |last=Sarang |first= |date=2025-08-26 |title=Finally Over: Google Blocks Sideloading of Android Apps |url=https://www.androidsage.com/2025/08/26/google-blocks-sideloading-of-android-apps/ |url-status=live |archive-url=https://web.archive.org/web/20250827201805/https://www.androidsage.com/2025/08/26/google-blocks-sideloading-of-android-apps/ |archive-date=2025-08-27 |access-date=2025-08-27 |website=Android Sage}}</ref>

Conversely, some security experts and industry groups welcomed the move, calling it a reasonable compromise that still allows third-party distribution while deterring anonymous malware authors.<ref name=":0" /><ref name=":2" /> Critics countered that determined attackers could still exploit stolen IDs, and that this introduces a "choke point," giving Google leverage over all app installs.<ref name=":3" />

Regulators had not formally responded within the first 24 hours, but commentators noted that the change resembles Apple's Developer ID system on macOS and that it may be Google's way of tightening control while remaining compliant with the EU's {{Wplink|Digital Markets Act}}.<ref name=":4" /><ref name=":6" />

By late September 2025, open-source app developers escalated their opposition. The volunteer-run F-Droid app repository warned that Google's plan, if implemented, "will end the F-Droid project and other free/open-source app distribution sources as we know them today."<ref name=":9">{{Cite web |last=Anderson |first=Tim |date=2025-09-29 |title=Google's dev registration plan 'will end the F-Droid project' |url=https://www.theregister.com/2025/09/29/googles_dev_registration_plan_will/ |access-date=2025-10-28 |website=The Register}}</ref> F-Droid cannot comply with a centralized registration regime; its team builds apps from source code and signs them with its own cryptographic keys so it cannot simply have each apps' original author register and hand over a signing identity without fundamentally changing F-Droid's model.<ref name=":10">{{Cite web |last=Prud'hommeaux |first=Marc |date=2025-09-29 |title=F-Droid and Google's Developer Registration Decree |url=https://f-droid.org/2025/09/29/google-developer-registration-decree.html |url-status=live |access-date=2025-10-27 |website=F-Droid}}</ref>

Google offered a limited concession for situations where the same app exists in multiple stores: in rare cases, it will allow duplicate package names if one version has a significantly smaller user base (meaning the developer of the less-installed version might be asked to change their app's identifier).<ref name=":8" /> In practice this would do little to help F-Droid. Many apps on F-Droid share a package name with a more popular Google Play version, so Google's policy would effectively treat the Play developer as the rightful owner and force the F-Droid variant to disappear or rebrand, an outcome that violates F-Droid's core philosophy.<ref name=":8" />

The F-Droid team argued that Google is using security as a pretext to consolidate power over software distribution, especially since even the Play Store has repeatedly hosted malware despite all its checks.<ref name=":9" /><ref name=":10" /> In an official statement, F-Droid appealed to regulators and competition authorities around the world, citing the EU's Digital Markets Act, to scrutinize Google's proposal and protect the ability of alternative app stores and open-source developers to operate freely.<ref name=":10" />

Privacy and free-speech advocates also raised concerns. Requiring every app developer to verify their real-world identity would eliminate anonymity for creators of apps used in sensitive contexts, for example by political dissidents or whistleblowers.<ref>{{Cite web |last=Holwerda |first=Thom |date=2025-10-02 |title=Google details Android developer certification requirement, and it's as bad as we feared |url=https://www.osnews.com/story/143467/google-details-android-developer-certification-requirement-and-its-as-bad-as-we-feared/ |url-status=live |archive-url=https://web.archive.org/web/20251009112107/https://www.osnews.com/story/143467/google-details-android-developer-certification-requirement-and-its-as-bad-as-we-feared/ |archive-date=2025-10-09 |access-date=2025-10-29 |website=osnews}}</ref> Google acknowledged that legitimate reasons for developer anonymity exist and stated it won't publicly disclose developer information, but the company did not promise to withhold that information from governments should they seek it.<ref name=":8" /> Google's stance is that the status quo (allowing anonymous app distribution) poses risks it can no longer accept.<ref name=":8" />

Some former Android team members have also lamented the platform's direction. Jean-Baptiste Quéru, a founding Android engineer who led the Android Open Source Project, remarked that when he worked on Android, goals included keeping the app ecosystem "as open as the web" and letting users run their own builds, but "12 years later, this seems to have all died".<ref>{{Cite web |last=Holwerda |first=Thom |date=2025-09-29 |title=Google's Android developer registration requirement will kill F-Droid |url=https://www.osnews.com/story/143450/googles-android-developer-registration-requirement-will-kill-f-droid/ |url-status=live |archive-url=https://web.archive.org/web/20251009111928/https://www.osnews.com/story/143450/googles-android-developer-registration-requirement-will-kill-f-droid/ |archive-date=2025-10-09 |access-date=2025-10-29 |website=osnews}}</ref>

==References==
{{Reflist}}

[[Category:Incidents]]
[[Category:Android]]
[[Category:Google]]

Google Android restrict app sideloading

2025-08-26T22:18:17Z

SciaIsHere: Added 'Incidents' category to page

On August 25, 2025, Google announced that starting in 2026 it will block the installation of Android apps from outside the Play Store unless the developer has verified their identity with Google. The policy will first roll out in Brazil, Indonesia, Singapore, and Thailand in September 2026, with global enforcement targeted for 2027 <ref name=":0">{{Cite web |last=Frey |first=Suzanne |date=25 Aug 2025 |title=A new layer of security for certified Android devices |url=https://android-developers.googleblog.com/2025/08/elevating-android-security.html |url-status=live |access-date=25 Aug 2025 |website=Android Developers Blog}}</ref><ref name=":1">{{Cite web |last=Perez |first=Sarah |date=25 Aug 2025 |title=Google will require developer verification for Android apps outside the Play Store |url=https://techcrunch.com/2025/08/25/google-will-require-developer-verification-for-android-apps-outside-the-play-store/ |url-status=live |access-date=25 Aug 2025 |website=TechCrunch}}</ref>. This marks a significant change to Android’s long-standing support for sideloading apps and has sparked debate among developers, consumers, and digital rights advocates <ref name=":2">{{Cite web |last=Anderson |first=Tim |date=26 Aug 2025 |title=Google kneecaps indie Android devs, forces them to register |url=https://www.theregister.com/2025/08/26/android_developer_verification_sideloading |url-status=live |access-date=26 Aug 2025 |website=The Register}}</ref><ref name=":3">{{Cite web |first= |date=26 Aug 2025 |title=Google will block sideloading of unverified Android apps starting next year |url=https://www.bleepingcomputer.com/forums/t/810335/google-will-block-sideloading-of-unverified-android-apps-starting-next-year |url-status=live |access-date=26 Aug 2025 |website=BleepingComputer}}</ref>.

==Background==
Android has historically allowed '''sideloading''', which is installation of apps from outside the official Play Store. They usually allow this only if users enabled “unknown sources” in their device settings. This openness distinguished Android from Apple’s iOS, which restricts app installs to its App Store. Alternative app stores such as F-Droid and Amazon’s Appstore, as well as direct downloads from sites like APKMirror, thrived under this model <ref>{{Cite web |last=Thomas |first=Dallas |date=14 Sep 2024 |title=The Wild West days of sideloading on Android are officially over in this week's news |url=https://www.androidpolice.com/weekly-android-news-roundup-september-14-2024/ |url-status=live |access-date=25 Aug 2025 |website=Android Police}}</ref>.

Over time, Google introduced restrictions in the name of security. In 2023, it began requiring Play Store developers to verify their identities, which Google said reduced impersonation and malware <ref name=":0" />. Android 13 and Android 15 further limited what sideloaded apps could do, blocking access to sensitive permissions for apps not installed through official channels <ref name=":4">{{Cite web |last=Rahman |first=Mishaal |date=25 Aug 2025 |title=Google wants to make sideloading Android apps safer by verifying developers’ identities |url=https://www.androidauthority.com/android-developer-verification-requirements-3590911/ |url-status=live |access-date=26 Aug 2025 |website=Android Authority}}</ref>. These steps laid the groundwork for Google’s new, broader enforcement.

==Timeline==
On August 25, 2025, Google announced that '''apps can only be installed on certified Android devices if their developers have verified their identity with Google''' <ref name=":0" />. Developers must register through a new Android Developer Console, pay a one-time $25 fee (except for hobbyists or students, who will have a separate free path), and provide identifying details such as legal name, address, and government-issued ID <ref name=":1" /><ref name=":2" />. Apps must also be registered with their signing keys to prove ownership <ref name=":2" />.

The rollout will proceed in stages:

*'''October 2025:''' Early access program for select developers.
*'''March 2026:''' Verification opens for all developers worldwide.
*'''September 2026:''' Enforcement begins in Brazil, Indonesia, Singapore, and Thailand <ref name=":0" />.
*'''2027:''' Targeted global rollout, eventually covering nearly all certified Android devices <ref name=":0" /><ref name=":1" />.

The new system applies to '''certified Android devices'''; phones and tablets that ship with Google Mobile Services (e.g., Pixel, Samsung, Xiaomi). Devices running '''uncertified AOSP builds''' or custom ROMs (e.g., GrapheneOS, LineageOS) are not subject to this restriction <ref name=":2" />. However, uncertified devices often face app compatibility issues due to SafetyNet/Play Integrity checks <ref name=":2" />.

==Google's response==
Google framed the change as a necessary '''security measure''' to reduce malware, fraud, and impersonation. The company stated that malware is '''50× more common outside the Play Store''' and that anonymity allows bad actors to evade accountability <ref name=":0" /><ref name=":2" />. Suzanne Frey, VP of Product for Android, likened the change to an '''ID check at the airport''': verifying who the developer is without inspecting app content <ref name=":0" />.

Google emphasized that it will not review or police apps distributed outside the Play Store for content, only verify developer identities <ref name=":0" /><ref name=":1" />. It highlighted support from industry and institutions, including the Developers Alliance, Brazil’s banking federation FEBRABAN, and Indonesia’s Ministry of Communication and Informatics, all of which praised the move as protecting users from fraud <ref name=":0" /><ref name=":1" />.

==Consumer response==
The announcement sparked backlash in online communities. On Reddit, users called the change ''“complete bullshit”'' and accused Google of '''gradually eroding Android’s openness''' <ref name=":5">{{Cite web |date=26 Aug 2025 |title=Google will block sideloading of unverified Android apps starting next year |url=https://www.reddit.com/r/Android/comments/1n0f5zt/google_will_block_sideloading_of_unverified/ |access-date=26 Aug 2025 |website=Reddit}}</ref>. Many argued that Android is becoming indistinguishable from iOS, with some stating they might switch to Apple or Linux since Android’s openness was its key advantage <ref name=":5" />.

Independent developers raised concerns that hobby projects or sensitive apps (e.g., protest tools, ad-blockers) would be stifled, as not all creators are willing to submit government IDs to Google <ref>{{Cite web |date=25 Aug 2025 |title=Google will allow only apps from verified developers to be installed on Android |url=https://news.ycombinator.com/item?id=45017028 |url-status=live |access-date=26 Aug 2025 |website=Hacker News}}</ref><ref name=":6">{{Cite web |date=26 Aug 2025 |title=Google wants to verify all app developers’ identities |url=https://discuss.grapheneos.org/d/25235-google-wants-to-verify-all-app-developers-identities |url-status=live |access-date=26 Aug 2025 |website=GrapheneOS Discussion Forum}}</ref>. Open-source communities, including GrapheneOS developers, argued this would discourage FOSS development and give Google exclusive control over Android’s ecosystem <ref name=":6" />.

Conversely, some security experts and industry groups welcomed the move, calling it a reasonable compromise that still allows third-party distribution while deterring anonymous malware authors <ref name=":0" /><ref name=":2" />. Critics countered that determined attackers could still exploit stolen IDs, and that this introduces a “choke point” giving Google leverage over all app installs <ref name=":3" />.

Regulators had not formally responded within the first 24 hours, but commentators noted that the change resembles Apple’s '''Developer ID''' system on macOS and may be Google’s way of tightening control while remaining compliant with the EU’s Digital Markets Act <ref name=":4" /><ref name=":6" />.

==References==
<references />
[[Category:Incidents]]

Google Android restrict app sideloading

2025-08-26T21:50:30Z

SciaIsHere: Edit header format.

Article suggestions

2025-08-26T21:46:16Z

SciaIsHere: Article for Google incident created, entry removed from table.

This page is dedicated towards providing a communal list for users to submit potential articles to feature on the wiki, and to give editors inspiration on what pages they might want to add to the wiki. If you create an article based on an entry from this list, or see that someone else has done so, please make sure to delete the row from this page in order to prevent confusion.

Sources should be inserted within the 'refs' section of the table. If using the visual editor, take advantage of '<nowiki/>'''insert reference'''<nowiki/>' via ''''ctrl + shift + k'''<nowiki/>' so that the sources are quick to add to future articles. If you are using the source editor, feel free to copy and paste the formatting from other correctly formatted references on the page. The more sources you include with an article idea, the more likely it is that others will pick the article idea up and run with it, so please attempt to include a good variety of descriptive sources!

Please take note of the wiki's [[Consumer Rights Wiki:Inclusion guidelines|Inclusion criteria]] when submitting article suggestions. If you see article suggestions here which do not fit the Wiki, feel free to remove them, leaving your reasoning in an edit note.

If you are an editor looking for further inspiration to write an article, you can also check out the [[Louis Rossmann - Video Directory|Louis Rossmann video directory]] for a good collection of potential articles.

==Example==
Below is an example of what an entry should appear as:
{| class="wikitable"
|+
!Company
!Summary of Incident
!Refs
|-
|[[Nintendo]]
|In 2025, the company Nintendo stripped Switch 2 consoles that used the MIG switch cartridge of all online functionality
|<ref name=":3">{{Cite web |last=Scattered Brain |date=Jun 16, 2025 |title=Soo... Nintendo banned my Switch 2 (Don't try the MIG Switch!) |url=https://www.youtube.com/watch?v=ExgYTA18_vo&t=656s |access-date=Jun 18, 2025 |website=[[YouTube]]}}</ref><ref name=":0">{{Cite news |last=Orland |first=Kyle |date=Jun 17, 2025 |title=Switch 2 users report online console bans after running personal game “backups” |url=https://arstechnica.com/gaming/2025/06/playing-personal-game-backups-could-get-your-switch-2-banned-by-nintendo/ |access-date=Jun 19, 2025 |work=Ars Technica}}</ref>
|}

==List of incidents not yet covered==
{| class="wikitable"
!Company
!Summary of Incident
!Refs
|-
|[[Audi]]
|Subscription-based paywalling of basic features of the Audi A3 in the EU and the UK.
|<ref>{{Cite web |last=MickDrivesCars |date=2025-07-28 |title=How to ruin your car brand |url=https://youtu.be/ueHgn6UTZjk |url-status=live |website=YouTube}}</ref><ref>{{Cite news |last=Haefner |first=Morgan |last2=Hodge |first2=Lawrence |date=2024-03-14 |title=Audi wants buyers to pay for basic car features |url=https://qz.com/audi-a3-buyers-must-subscribe-to-use-basic-car-features-1851333470 |url-status=live |archive-url=https://archive.ph/B1SHT |archive-date=2025-08-25 |access-date=2025-08-25 |work=Quartz}}</ref><ref>{{Cite news |last=Hundal |first=Thomas |date=2024-03-13 |title=Audi Wants European A3 Customers To Subscribe To Features That Come Standard On A Base Toyota Corolla |url=https://www.theautopian.com/audi-wants-european-a3-customers-to-subscribe-to-features-that-come-standard-on-a-base-toyota-corolla/ |url-status=live |archive-url=https://web.archive.org/web/20250208095611/https://www.theautopian.com/audi-wants-european-a3-customers-to-subscribe-to-features-that-come-standard-on-a-base-toyota-corolla/ |archive-date=2025-02-08 |access-date=2025-08-25 |work=The Autopian}}</ref>
|-
|LBRY Foundation, Oddessy
|Community first decentralization & Odysseys plan to enable censorship by switching away from the opensource LBRY network.
|<ref>{{Cite web |title=The LBRY Foundation |url=https://lbry.org/ |url-status=live |access-date=08 Aug 2025 |quote=The LBRY community invites everyone to join us in building a more free and open way to share content and information online.}}</ref><ref>{{Cite news |last=Watson |first=RT |date=06 June 2024 |title=Decentralized YouTube alternative Odysee acquired by Forward Research despite content concerns |url=https://www.theblock.co/post/298888/decentralized-youtube-alternative-odysee-acquired-by-forward-research-despite-content-concerns |url-status=live |access-date=8/16/25 |work=The Block}}</ref><ref>{{Cite journal |last=Li |first=Jun |last2=Grintsvayg |first2=Alex |last3=Kauffman |first3=Jeremy |last4=Fleming |first4=Charles |date=2020 |title=LBRY: A Blockchain-Based Decentralized Digital Content Marketplace |url=https://ieeexplore.ieee.org/document/9126007 |journal=2020 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPS) |location=Oxford, UK |publisher=IEEE |doi=10.1109/DAPPS49028.2020.00005 |isbn=978-1-7281-6978-1 |via=IEEE Xplore}}</ref>
|-
|[[Microsoft]]
|Anticompetitive behavior contributing to the damaging of the security of customer devices.
|<ref name=":1">{{Cite news |last=Triplette |first=Ryan |date=Nov 15, 2024 |title=Microsoft’s anticompetitive behavior weakens its customers’ cybersecurity |url=https://federalnewsnetwork.com/commentary/2024/11/microsofts-anticompetitive-behavior-weakens-its-customers-cybersecurity/?readmore=1 |access-date=Jun 25, 2025 |work=Federal News Network}}</ref>
|-
|[[Samsung]], [[Glance]]
|Using the faces of its devices' users for the purposes of generating ads with AI to display on the lock screen
|<ref>{{Cite news |last=Whitwam |first=Ryan |date=Jun 4, 2025 |title=Samsung teams up with Glance to use your face in AI-generated lock screen ads |url=https://arstechnica.com/gadgets/2025/06/samsung-teams-up-with-glance-to-use-your-face-in-ai-generated-lock-screen-ads/ |access-date=Jun 25, 2025 |work=Ars Technica}}</ref><ref>{{Cite web |last=Fink |first=Charlie |date=2025-06-04 |title=Glance AI And Samsung Bring Personalized Shopping To The Lock Screen |url=https://www.forbes.com/sites/charliefink/2025/06/04/glance-ai-and-samsung-bring-personalized-shopping-to-the-lock-screen/ |access-date=2025-08-23 |website=Forbes}}</ref><ref>{{Cite web |last=Johnson |first=Allison |date=2025-06-04 |title=Samsung phones are getting a weird AI shopping platform nobody asked for |url=https://www.theverge.com/news/679541/samsung-galaxy-glance-ai-lock-screen-app |access-date=2025-08-23 |website=The Verge}}</ref><ref>{{Cite web |last=Devenport |first=Corbin |date=2025-06-04 |title=Lock Screen Ads Are Coming to Your Galaxy Phone |url=https://www.howtogeek.com/lock-screen-ads-are-coming-to-your-galaxy-phone/ |access-date=2025-08-23 |website=How To Geek}}</ref>
|-
|[[Facebook]], [[Yandex]]
|De-anonymizing web browsing identifiers
|<ref>{{Cite news |last=Wildeboer |first=Jan |date=Jun 03, 2025 |title=Wildeboer post from Jan Wildeboer |url=https://social.wildeboer.net/@jwildeboer/114620123151656825 |access-date=Jun 25, 2025 |work=social.wildeboer.net}}</ref><ref>{{Cite news |last=Goodin |first=Dan |date=Jun 3, 2025 |title=Meta and Yandex are de-anonymizing Android users’ web browsing identifiers |url=https://arstechnica.com/security/2025/06/meta-and-yandex-are-de-anonymizing-android-users-web-browsing-identifiers/ |access-date=Jun 25, 2025 |work=Ars Technica}}</ref>
|-
|[[TikTok]]
|Integrated AI tools to track user behaviors even more for the purposes of selling to advertisers
|<ref>{{Cite news |last=Sato |first=Mia |date=Jun 3, 2025 |title=TikTok will give advertisers even more data on trends and users |url=https://www.theverge.com/news/678255/tiktok-advertiser-summit-ai-targeting-data-seo |access-date=Jun 25, 2025 |work=The Verge}}</ref>
|-
|[[k.chicntech]]
|Selling fraudulent products on its platform
|<ref>{{Cite news |last=Harding |first=Scharon |date=Jun 3, 2025 |title=Shopper denied $51 refund for 20TB HDD that’s mostly a weighted plastic box |url=https://arstechnica.com/gadgets/2025/06/man-buys-20tb-portable-hdd-for-51-son-breaks-the-news-that-its-a-fake/ |access-date=Jun 25, 2025 |work=Ars Technica}}</ref>
|-
|[[Facebook]], [[Yandex]]
|Automatic opt-in of user-generated content being used for the purposes of training AI.
|<ref>{{Cite web |last=Borgesius |first=Frederik |date=Apr 24, 2025 |title=Post on akademienl.social |url=https://akademienl.social/@Frederik_Borgesius/114392662340468118 |access-date=Jun 25, 2025 |website=akademienl.social}}</ref><ref>{{Cite news |date=Apr 24, 2025 |title=AP: kom nu in actie als je niet wil dat Meta AI traint met jouw data |url=https://autoriteitpersoonsgegevens.nl/actueel/ap-kom-nu-in-actie-als-je-niet-wil-dat-meta-ai-traint-met-jouw-data |access-date=Jun 25, 2025 |work=autoriteitpersoonsgegevens.nl}}</ref>
|-
|[[Google]]
|Terms enacted in April reserve it the right to analyze sensitive call data
|<ref>{{Cite news |last=Saam |first=Conrad |date=Apr 24, 2025 |title=Google asserts ownership of all advertiser assets in Local Services Ads |url=https://searchengineland.com/google-asset-ownership-local-services-ads-454561 |access-date=Jun 25, 2025 |work=Search Engine Land}}</ref>
|-
|[[VidIQ]]
|Scraping user generated content so poorly that it puts users at risk of violating copyright law
|<ref>{{Cite web |last=CutCafe |date=Jan 24, 2025 |title=This AI tool is EXPLOITING small content creators (So I exposed it) |url=https://www.youtube.com/watch?v=gg8JZozCa0c |access-date=Jun 25, 2025 |website=[[YouTube]]}}</ref>
|-
|[[Waymo]]
|Using interior camera to train GenAI models; automatic opt-in
|<ref>{{Cite news |last=Bellan |first=Rebecca |date=Apr 8, 2025 |title=Waymo may use interior camera data to train generative AI models, but riders will be able to opt out |url=https://techcrunch.com/2025/04/08/waymo-may-use-interior-camera-data-to-train-generative-ai-models-sell-ads/ |access-date=Jun 25, 2025 |work=TechCrunch}}</ref><ref>{{Cite web |last=Hawkins |first=Andrew |date=April 7, 2025 |title=Waymo: ‘no plans’ to use in-car camera data for targeted ads |url=https://www.theverge.com/news/644770/waymo-interior-camera-ai-training-ads-privacy |url-status=live |access-date=2025-08-14}}</ref>
|-
|[[Dymo]]
|550 and newer models have DRM in the printer paper; older model printers bricked via a driver update.
|<ref>{{Cite news |last=Malawey |first=David |date=Apr 3, 2025 |title=discard junkware and the extract pure value of Dymo |url=https://www.youtube.com/watch?v=1hlhPRlxA9s |access-date=Jun 25, 2025 |work=[[YouTube]]}}</ref>
|-
|[[Google]]
|Numerous incidents listed under Wikipedia's [[wikipedia:Google_litigation|Google Litigation]] page
|N/A
|-
|[[UPS]]
|Charges excessively high brokerage fees disguised as "customs fees" that exceed shipping costs when mailing a product from the US to Canada; sent person in source a $42.60 bill AFTER delivering the package, without the person being informed of the shipper being UPS.
|<ref>{{Cite web |last=Runkle Of The Bailey |date=Nov 14, 2024 |title=I Fought UPS' Bogus Brokerage Fees, And Won |url=https://www.youtube.com/watch?v=gKju9a4lA5I |access-date=Jun 26, 2025 |website=[[YouTube]]}}</ref>
|-
|[[Liberty Safe]]
|At the point of sale (POS) of the safe, the consumer was not informed that the manufacturer has a backdoor for the safe. In this specific incident, this backdoor was used to bypass the security for the purposes of the FBI
|<ref>{{Cite web |last=Runkle Of The Bailey |date=Sep 6, 2023 |title=Liberty Safe Has Secret Backdoors -- And They Gave It To the FBI |url=https://www.youtube.com/watch?v=aeCwrX2gcXM |access-date=Jun 26, 2025 |website=[[YouTube]]}}</ref>
|-
|[[Yubo]]
|Only in-scope elements of the provided source should focus on "age estimation" and "facial recognition", despite the ethical dubiousness of the platform for minors.
|<ref>{{Cite web |last=CinemaGuess |date=Jun 25, 2025 |title=Yubo; The Most Dangerous Snapchat Clone Ever Made |url=https://www.youtube.com/watch?v=LKm5gkG9yMw |access-date=Jun 26, 2025 |website=[[YouTube]]}}</ref>
|-
|[[itch.io]], [[Night School Studios]], [[Netflix]]
|In September 2024, users who purchased Oxenfree on itch.io were warned that the game was going to be pulled from the platform on October 1st. Consumers would not be able to download the installers after this date, so they would lose access unless they had them backed up. Users speculated that Netflix, the parent company of the development studio, had ordered the move; however, no response from Netflix or the developers was ever published. This is particularly notable because it is against itch.io's terms of service: "Users shall retain a license to this content even after the content is removed from the Service."
|<ref>{{Cite web |last=itch corp |date=15 Apr 2023 |title=itch.io Terms of Service |url=https://itch.io/docs/legal/terms |url-status=live |archive-url=https://web.archive.org/web/20240907004719/https://itch.io/docs/legal/terms |archive-date=7 Sep 2024 |access-date=27 Jun 2025 |website=itch.io}}</ref> <ref>{{Cite web |last=ShawnS |date=31 Jan 2025 |title=OXENFREE |url=https://delistedgames.com/oxenfree/ |url-status=live |archive-url=https://web.archive.org/web/20250321070400/https://delistedgames.com/oxenfree/ |archive-date=21 Mar 2025 |access-date=27 Jun 2025 |website=Delisted Games}}</ref> <ref>{{Cite web |last=Colp |first=Tyler |date=9 Sep 2024 |title=Another reminder that your digital library isn't forever: Oxenfree will be completely removed from Itch.io next month |url=https://www.pcgamer.com/games/adventure/another-reminder-that-your-digital-library-isn-t-forever-oxenfree-will-be-completely-removed-from-itch-io-next-month/ |url-status=live |archive-url=https://web.archive.org/web/20250523111125/https://www.pcgamer.com/games/adventure/another-reminder-that-your-digital-library-isn-t-forever-oxenfree-will-be-completely-removed-from-itch-io-next-month/ |archive-date=23 May 2025 |access-date=27 Jun 2025 |website=PC Gamer}}</ref>
|-
|[https://consumerrights.wiki/index.php?title=SourceForge.net_forces_users_to_inconditionally_accept_terms_of_use_with_no_alternative_before_logging_in&veaction=edit&section=2 Sourceforge.net]
|Sourceforge forces users to accept terms and conditions before they can even log in, denying their right to refuse or disagree.
|
|-
|[[Electronic Arts]]
|The video game [[Anthem]] was announced to have its servers shut down, leading to all licenses for the title becoming bricked.
|<ref>{{Cite news |last=Hore |first=Jamie |date=Jul 3, 2025 |title=Anthem will soon die for good, as Bioware confirms a full server shut down |url=https://www.pcgamesn.com/anthem/servers-shutting-down-bioware |access-date=Jul 4, 2025 |work=Ars Technica}}</ref>
|-
|[https://drivesaversdatarecovery.com/partner-programs/ DriveSavers]
|Through DriveSavers' partner program, independent or otherwise affiliated shops receive an approximately 10% commission for referring customers to the service (typical service being approximately $3,000.00, resulting in $300.00 of commission for partners). On top of this, partnered shops also receive DriveSavers branded merchandise (pens, antistatic mats and similar shop equipment, etc). Has relevance as this may result in partners having heavy incentives to refer customers to a service they may not need.
|
|-
|[https://www.skystone.games/ Skystone Games]
|Boundary, a multiplayer online-only first-person shooter, got shut down just a year after its release by Skystone games, and its publishing rights relinquished, citing "ongoing delays and a lack of updates from the developer". Studio Surgical Scalpels (the developer) stated that the publisher decissions were "extremely sudden and unreasonable", and attempted to "regain the rights to boundary". The game has been offline for more than a year at the time of writing, and no refunds or communications to the userbase has been made by Skystone Games.
|<ref>{{Cite web |date=2024-06-19 |title=Boundary - End of service notice |url=https://store.steampowered.com/news/app/1364020/view/4209257868262605607?l=english |url-status=live |access-date=2025-07-07 |website=Steam}}</ref><ref>{{Cite web |date=2024-06-30 |title=Boundary Shut Down: Who's to Blame? |url=https://www.youtube.com/watch?v=Kr8IhV1fovE |url-status=live}}</ref>
|-
|[[Automatic Content Recognition (ACR)]]
|Smart TVs of multiple brands have a feature called Automatic Content Recognition, which sends several screenshots per minute of whatever plays on the device to the manufacturer for analysis. This includes content from external inputs and thus could include private photos and videos of the user, as well as third parties who never agreed to anything of that nature. This is required to be opt-in in the US, but most people inadvertently agree to it with the EULA of the device.
|<ref>{{Cite web |first=Rachel Cericola, Jon Chase and Lee Neikirk |date=2025-06-25 |title=Yes, Your TV Is Probably Spying on You. Your Fridge, Too. Here’s What They Know. |url=https://www.nytimes.com/wirecutter/reviews/advice-smart-devices-data-tracking/ |access-date=2025-07-09 |website=The New York Times - Wirecutter}}</ref>
|-
|Not applicable
|Factory reset and deconfiguration guides for removing personal/sensitive data from devices before change of ownership to avoid that data being used for identity theft, spear phishing and scams.
|<ref>{{cite web|title=ACCC Report Revelations Of Scams And Cyber Crime Not Surprising |website=Tech Business News |url=https://www.techbusinessnews.com.au/news/accc-report-revelations-of-scams-and-cyber-crime-not-surprising/ |publication-date=29 April 2024 |access-date=20 July 2025 |quote="Whilst there exists the Protective Security Policy Framework (PSPF) and the Information Security Manual (ISM) which direct government and critical industry to use NAID AAA certified recyclers to destroy and sanitise data at end of life, there remains confusion over ownership of accountability."}}</ref>
|-
|Not applicable
|Users are being forced by law to violate their privacy to access adult websites, when numerous sites that won't follow the law exist and are unsafe.
|<ref>{{Cite web |last=Ortutay |first=Barbara |date=27 Jun 2025 |title=What to know about online age verification laws {{!}} AP News |url=https://apnews.com/article/internet-age-verification-supreme-court-def346d7bf299566a3687d8c4f224fec |url-status=live |access-date=19 Jul 2025}}</ref><ref>{{Cite web |date=28 Jun 2025 |title=The Scam of Age Verification {{!}} PORNBIZ.COM |url=https://pornbiz.com/post/17/the_scam_of_age_verification/en#5 |url-status=live |access-date=19 Jul 2025}}</ref>
|-
|[[Microsoft]]
|Microsoft uses software engineers based in China to work on US Defense Department systems with laughably ineffective precautions. I think this is relevant in the context of Microsoft's attitude towards cloud security. In the past, master keys have been stolen by Chinese hackers and from my understanding, it's not even clear to what extent those groups still have access to Microsoft's internal systems, and by extension, Microsoft customers'. This needs more research though.
|<ref>{{Cite web |last=Dudley |first=Renee |date=2025-07-15 |title=A Little-Known Microsoft Program Could Expose the Defense Department to Chinese Hackers |url=https://www.propublica.org/article/microsoft-digital-escorts-pentagon-defense-department-china-hackers |website=ProRepublica}}</ref>
|-
|Not applicable
|[[Malicious Compliance]]
Companies like Apple comply with regulations such as those imposed by the EU by trying to follow the wording, but not the spirit of the legislation. For instance, there were early reports that Apple would support USB-C, but only with Apple certified devices and cables, allowing them to continue the lucrative "Made for iPhone" certification programme. They only backtracked when the EU indicated this would not be considered compliant with the USB-C mandate.
|<ref>{{Cite web |title=Malicious Compliance |url=https://en.wikipedia.org/wiki/Malicious_compliance |website=Wikipedia}}</ref>
|-
|Not applicable
|[[Financial censorship|Financial Censorship]]
This came up in the recent Valve controversies about removing Games because of pressure from payment providers. It is the concept that US payment providers have pretty much a monopoly world-wide and can thus control which content websites can publish and what goods they can sell because they can threaten to revoke their access to payments.
|<ref>{{Cite web |title=https://www.eff.org/issues/financial-censorship |url= |website=EFF}}</ref>
|-
|[[QIDI]]
|3D printer causes disastrous fire; subreddit staff attempts to cover up incident.
|<ref>{{Cite web |last=u/ProgressLocal1511 |date=Mar 30, 2025 |title=R/QidiTech3d Permanently banned me for warning people after my family lost everything from a fire! |url=https://www.reddit.com/r/3Dprinting/comments/1jnuju1/rqiditech3d_permanently_banned_me_for_warning/ |access-date=Jul 23, 2025 |website=[[Reddit]]}}</ref>
|-
|[[Microsoft]]
|Potentially related to: [[Microsoft's anticompetitive practices]]
Mysteriously banned the developer of LibreOffice from his Hotmail Account; Automated systems handled the appeal process and refused to restore access to his account, potentially harming LibreOffice's development.
|<ref>{{Cite news |last=Simms |first=Daniel |date=Jul 30, 2025 |title=Microsoft suddenly bans LibreOffice developer's email account, blocks appeal |url=https://www.techspot.com/news/108878-microsoft-suddenly-bans-libreoffice-developer-email-account-blocks.html |access-date=Aug 4, 2025 |work=TechSpot}}</ref><ref>{{Cite news |last=Beri |first=Devesh |date=Aug 1, 2025 |title=Microsoft Bans Profile Belonging to Developer Behind Free Microsoft Office Alternative |url=https://tech.yahoo.com/business/articles/microsoft-bans-profile-belonging-developer-204536148.html |access-date=Aug 4, 2025 |work=ExtremeTech}}</ref><ref>{{Cite news |last=Kumar |first=Rohit |date=Aug 3, 2025 |title=LibreOffice Developer Says Microsoft Blocked His Email Account Without Warning |url=https://www.alltechnerd.com/libreoffice-developer-says-microsoft-blocked-his-email-account-without-warning/ |access-date=Aug 4, 2025 |work=All Tech Nerd}}</ref>
|-
|[[Swiffer]]
|When using a Swiffer wet jet power mop you need to buy Swiffer's WetJet Multi-Surface Floor Cleaner which comes in a bottle with a cap on it that the customer can not take off and refill with their own floor cleaner of their choice. The cap is "locked" with plastic hooks that prevent refilling and force the customer to buy another bottle which is heavily priced.
|
|-
|[[Assioma]]

|When purchasing power pedals that just need to output ANT+ data, you cannot use the product you have bought without creating an account, logging into the app and pairing your phone with BLE (lots of phones can't do this pair step). This is claimed by the manufacturer for warranty activation but mean without a phone with the right capability you can't use your expensive power pedals.
|<ref>{{Cite web |date=2025-08-16 |title=FAQs |url=https://cycling.favero.com/en/faq#headingFAQ6-Favero-Assioma-App}}</ref>
|-
|[[Discord]]
|RubenSim's bot "Ro-Cleaner", which protects servers from users who have joined "Roblox Condo" servers in the past, is banned because it invades user's privacy and accesses "Protected Characteristics". Should also be added to [[Roblox's problematic moderation]].
|
|-
|[[TeamViewer]]
|TeamViewer's free trial automatically enrolls users into a paid subscription unless they provide 28 days' advance written notice to cancel. This excessively long cancellation window, combined with the requirement for written notice (rather than allowing cancellations through the same platform used for sign-up), creates a high risk of unintended charges. If users fail to meet these stringent requirements, TeamViewer bills the full annual subscription fee without further warning
|<ref>{{Cite web |date=2023-09-03 |title=All about subscription |url=https://www.teamviewer.com/en/global/support/knowledge-base/teamviewer-classic/licensing/subscription/all-about-subscription/ |url-status=live |archive-url=https://web.archive.org/web/20250628031915/https://www.teamviewer.com/en/global/support/knowledge-base/teamviewer-classic/licensing/subscription/all-about-subscription/ |archive-date=2025-06-28 |access-date=2025-08-16 |website=TeamViewer}}</ref><ref>{{Cite web |last=ozgurozkan |title=TeamViewer invoiced me after a free trial + demanded “28‑day written cancellation.” Proofs inside |url=https://www.reddit.com/r/teamviewer/comments/1mpzpo5/teamviewer_invoiced_me_after_a_free_trial/ |url-status=live |website=Reddit}}</ref>
|-
|Embodied
|This is case of "software tethering". Embodied's $799 companion robot Moxie permanently shut down once the company decided to shut down cloud services. According to Embodied's own website "Moxie relies on cloud connectivity for its core features, and it will not function once services end ... Our Terms of Service specify that services may be terminated at any time without prior notice."
|<ref>{{Cite news |last=Notopoulos |first=Katie |date=2024-12-11 |title=They bought an $800 AI robot for their kids. Now the company is shutting down — and children are having to say goodbye. |url=https://www.businessinsider.com/moxie-robot-toy-shutting-down-kids-embodied-goodbye-2024-12?op=1 |url-status=live |archive-url=https://web.archive.org/web/20250816193431/https://www.businessinsider.com/moxie-robot-toy-shutting-down-kids-embodied-goodbye-2024-12?op=1 |archive-date=2025-08-16 |access-date=2025-08-16 |work=Business Insider}}</ref><ref>{{Cite web |title=Closing FAQs – Moxie Robot |url=https://moxierobot.com/pages/closing-faqs |url-status=live |archive-url=https://web.archive.org/web/20241126054436/https://moxierobot.com/pages/closing-faqs |archive-date=2024-11-26 |access-date=2025-08-16 |website=moxierobot.com}}</ref><ref>{{Cite news |last=Degeurin |first=Mack |date=2024-12-10 |title=‘I love you… goodbye:’ What will happen when this companion robot suddenly dies? |url=https://www.popsci.com/technology/moxie-robot-offline/ |url-status=live |archive-url=https://web.archive.org/web/20241212035257/https://www.popsci.com/technology/moxie-robot-offline/ |archive-date=2024-12-12 |access-date=2025-08-16 |work=Popular Science}}</ref>
|-
|UP3 By Jawbone
|Approximately 2011, Pioneering startup company from San Francisco, had revolutionary fitness trackers. In 2017 with no notice to customers they stole personal data and shut down app which in turn, bricked devices. Highly likely went bankrupt and sold to sister company to manipulate customer services and rights. Now owned by Aliph brands.
|
|-
|GoPro Hero 12
|GoPro Hero 12 requires the GoPro app to be installed before you can use the camera. Many currently used devices are not compatible with the app, therefore making use of the camera difficult to impossible for new owners or upon camera factory reset. There's also the question of what data the app collects and whether it requires login and or camera activation.
|
|-
|[[Internet radios]]
|I'd like a page where I can share information about internet radios "openness." Few allow you to enter a radio station's URL (which I would consider the least intrusive option). Most depend on third-party websites or apps; [https://www.sangean.com/uk/blog/149 some of which have already bricked devices].
|
|-
|Google TLS Changes
|Google's new requirements to certificate authorities require separate authority/signing chains to be used to issue Server Authentication and Client Authentication certificates. Therefore, starting 11 February 2026, Let's Encrypt will no longer include the Client Authentication EKU on default certificates
|
|-
|Devolo
|Devolo switches of servers and removes their app from stores for their "Home Control" system, thus severely reducing the functionality of their devices (apparently Z-Wave-based).
|<ref>{{Cite web |title= |url=https://www.golem.de/news/weiterbetrieb-verursacht-weitere-kosten-devolo-macht-smart-home-system-zum-grossteil-unbrauchbar-2508-199409.html |website=Golem [German]}}</ref>
|-
|Juicero
|Silicon Valley startup that received more than $100 million in funding from investors such as Google and Campbell's Soup. Produced a juicer which was sold for $700 (later $400). Device required a Wi-Fi connection and mobile app in order to use and only accepted "produce packs" sold exclusively by Juicero. Said produce packs had short shelf lives, required the machine to scan a QR code to process, and could be remotely disabled (for instance, if a component item was recalled). Packs were capable of being squeezed by hand (yielding slightly more juice in less time) as demonstrated in an infamous Bloomberg video, which led to the company offering refunds for its juicer. Suspended all operations and (again) offered refunds on September 1st, 2017.
|<ref>{{Cite web |last=Levin |first=Sam |date=2017-09-01 |title=Squeezed out: widely mocked startup Juicero is shutting down {{!}} Silicon Valley {{!}} The Guardian |url=https://www.theguardian.com/technology/2017/sep/01/juicero-silicon-valley-shutting-down |url-status=live |archive-url=https://web.archive.org/web/20170901233738/https://www.theguardian.com/technology/2017/sep/01/juicero-silicon-valley-shutting-down |archive-date=2017-09-01 |access-date=2025-08-21 |website=The Guardian}}</ref><ref>{{Cite web |last=Carson |first=Biz |date=2017-04-20 |title=Juicero Offers Refund For Squeezing Juice Packets |url=https://www.businessinsider.com/juicero-offers-refund-for-squeezing-juice-packets-2017-4 |url-status=live |archive-url=https://web.archive.org/web/20170421033635/http://www.businessinsider.com/juicero-offers-refund-for-squeezing-juice-packets-2017-4 |archive-date=2017-04-21 |access-date=2025-08-21 |website=Business Insider}}</ref><ref>{{Cite web |last=Huet |first=Ellen |last2=Zaleski |first2=Olivia |date=2017-04-19 |title=Silicon Valley’s $400 Juicer May Be Feeling the Squeeze |url=https://www.bloomberg.com/news/features/2017-04-19/silicon-valley-s-400-juicer-may-be-feeling-the-squeeze |url-status=live |archive-url=https://web.archive.org/web/20170429015614/https://www.bloomberg.com/news/features/2017-04-19/silicon-valley-s-400-juicer-may-be-feeling-the-squeeze |archive-date=2017-04-29 |access-date=2025-08-21 |website=Bloomberg}}</ref><ref>{{Cite web |last=Reilly |first=Claire |date=2018-09-08 |title=Juicero is still the greatest example of Silicon Valley stupidity |url=https://www.cnet.com/culture/juicero-is-still-the-greatest-example-of-silicon-valley-stupidity/ |url-status=live |archive-url=https://web.archive.org/web/20241104015047/https://www.cnet.com/culture/juicero-is-still-the-greatest-example-of-silicon-valley-stupidity/ |archive-date=2024-11-04 |access-date=2025-08-21 |website=CNET}}</ref><ref>{{Cite web |last=Kolodny |first=Lora |date=2025-09-01 |title=The tech start-up that made a $700 juicing machine has shut down |url=https://www.cnbc.com/2017/09/01/the-tech-start-up-that-made-a-700-juicing-machine-has-shut-down.html |url-status=live |archive-url=https://web.archive.org/web/20170905084642/https://www.cnbc.com/2017/09/01/the-tech-start-up-that-made-a-700-juicing-machine-has-shut-down.html |archive-date=2017-09-05 |access-date=2025-08-21 |website=CNBC}}</ref><ref>{{Cite web |last=Mihalcik |first=Carrie |date=2017-09-01 |title=Juicero shuts down, offers refunds |url=https://www.cnet.com/home/kitchen-and-household/juicero-shuts-down-offers-refunds/ |url-status=live |archive-url=https://web.archive.org/web/20250702172950/https://www.cnet.com/home/kitchen-and-household/juicero-shuts-down-offers-refunds/ |archive-date=2025-07-02 |access-date=2025-08-21 |website=CNET}}</ref>
|-
|Flock Security
|ALPRs that have been popping up everywhere. No way to opt out of surveillance. Maybe also make an article on the car-mounted cameras.
|
|-
|Foxit Reader
|Updater uses dark pattern to trick unsuspecting users into installing a trial version of their paid product. The checkbox is enabled again by default with each update in the hope that the user misses it by accident at some point.
|
|-
|Lowes
|Lowes uses flock cameras and other AI powered cameras to collect data and build a profile on "prospective, current, or former Lowe's customers". Their cameras point away from their stores.
|
|-
|Coca-Cola Scholars Foundation
|CCSF in their eligibility form requires high school students to agree to a User Agreement which includes waiving their FERPA rights to inspecting otherwise confidential information that the foundation collects throughout the scholarship process, including sensitive information such as home addresses and financial status.
|<ref>{{Cite web |date=24 Aug 2025 |title=Eligibility Quiz (click SUBMIT) |url=https://webportalapp.com/sp/task_item_primary_print/ccsf?item_id=1 |url-status=live |access-date=24 Aug 2025 |website=Coca-Cola Scholars Foundation}}</ref>
|-
|English Government
|Mass facial-recognition cameras and facial-recognition vans
|
|-
|[[H&R Block]]
|Marketing paid products as free, deleting users' tax data upon downgrading to free versions, and forcing users to contact support to get access to the free version of the tax filing software. FTC alleges coercive and obstructive techniques are used to make users pay for services they don't need as well.
|
|}
==See Also==

*[[Louis Rossmann - Video Directory]]

==Reference List==
<references />
[[Category:Sources]]

Google Android restrict app sideloading

2025-08-26T21:44:07Z

SciaIsHere:

On August 25, 2025, Google announced that starting in 2026 it will block the installation of Android apps from outside the Play Store unless the developer has verified their identity with Google. The policy will first roll out in Brazil, Indonesia, Singapore, and Thailand in September 2026, with global enforcement targeted for 2027 <ref name=":0">{{Cite web |last=Frey |first=Suzanne |date=25 Aug 2025 |title=A new layer of security for certified Android devices |url=https://android-developers.googleblog.com/2025/08/elevating-android-security.html |url-status=live |access-date=25 Aug 2025 |website=Android Developers Blog}}</ref><ref name=":1">{{Cite web |last=Perez |first=Sarah |date=25 Aug 2025 |title=Google will require developer verification for Android apps outside the Play Store |url=https://techcrunch.com/2025/08/25/google-will-require-developer-verification-for-android-apps-outside-the-play-store/ |url-status=live |access-date=25 Aug 2025 |website=TechCrunch}}</ref>. This marks a significant change to Android’s long-standing support for sideloading apps and has sparked debate among developers, consumers, and digital rights advocates <ref name=":2">{{Cite web |last=Anderson |first=Tim |date=26 Aug 2025 |title=Google kneecaps indie Android devs, forces them to register |url=https://www.theregister.com/2025/08/26/android_developer_verification_sideloading |url-status=live |access-date=26 Aug 2025 |website=The Register}}</ref><ref name=":3">{{Cite web |first= |date=26 Aug 2025 |title=Google will block sideloading of unverified Android apps starting next year |url=https://www.bleepingcomputer.com/forums/t/810335/google-will-block-sideloading-of-unverified-android-apps-starting-next-year |url-status=live |access-date=26 Aug 2025 |website=BleepingComputer}}</ref>.

==Background==
Android has historically allowed '''sideloading''', which is installation of apps from outside the official Play Store. They usually allow this only if users enabled “unknown sources” in their device settings. This openness distinguished Android from Apple’s iOS, which restricts app installs to its App Store. Alternative app stores such as F-Droid and Amazon’s Appstore, as well as direct downloads from sites like APKMirror, thrived under this model <ref>{{Cite web |last=Thomas |first=Dallas |date=14 Sep 2024 |title=The Wild West days of sideloading on Android are officially over in this week's news |url=https://www.androidpolice.com/weekly-android-news-roundup-september-14-2024/ |url-status=live |access-date=25 Aug 2025 |website=Android Police}}</ref>.

Over time, Google introduced restrictions in the name of security. In 2023, it began requiring Play Store developers to verify their identities, which Google said reduced impersonation and malware <ref name=":0" />. Android 13 and Android 15 further limited what sideloaded apps could do, blocking access to sensitive permissions for apps not installed through official channels <ref name=":4">{{Cite web |last=Rahman |first=Mishaal |date=25 Aug 2025 |title=Google wants to make sideloading Android apps safer by verifying developers’ identities |url=https://www.androidauthority.com/android-developer-verification-requirements-3590911/ |url-status=live |access-date=26 Aug 2025 |website=Android Authority}}</ref>. These steps laid the groundwork for Google’s new, broader enforcement.

==Timeline==
On August 25, 2025, Google announced that '''apps can only be installed on certified Android devices if their developers have verified their identity with Google''' <ref name=":0" />. Developers must register through a new Android Developer Console, pay a one-time $25 fee (except for hobbyists or students, who will have a separate free path), and provide identifying details such as legal name, address, and government-issued ID <ref name=":1" /><ref name=":2" />. Apps must also be registered with their signing keys to prove ownership <ref name=":2" />.

The rollout will proceed in stages:

* '''October 2025:''' Early access program for select developers.
* '''March 2026:''' Verification opens for all developers worldwide.
* '''September 2026:''' Enforcement begins in Brazil, Indonesia, Singapore, and Thailand <ref name=":0" />.
* '''2027:''' Targeted global rollout, eventually covering nearly all certified Android devices <ref name=":0" /><ref name=":1" />.

The new system applies to '''certified Android devices'''; phones and tablets that ship with Google Mobile Services (e.g., Pixel, Samsung, Xiaomi). Devices running '''uncertified AOSP builds''' or custom ROMs (e.g., GrapheneOS, LineageOS) are not subject to this restriction <ref name=":2" />. However, uncertified devices often face app compatibility issues due to SafetyNet/Play Integrity checks <ref name=":2" />.

=== Google's response ===
Google framed the change as a necessary '''security measure''' to reduce malware, fraud, and impersonation. The company stated that malware is '''50× more common outside the Play Store''' and that anonymity allows bad actors to evade accountability <ref name=":0" /><ref name=":2" />. Suzanne Frey, VP of Product for Android, likened the change to an '''ID check at the airport''': verifying who the developer is without inspecting app content <ref name=":0" />.

Google emphasized that it will not review or police apps distributed outside the Play Store for content, only verify developer identities <ref name=":0" /><ref name=":1" />. It highlighted support from industry and institutions, including the Developers Alliance, Brazil’s banking federation FEBRABAN, and Indonesia’s Ministry of Communication and Informatics, all of which praised the move as protecting users from fraud <ref name=":0" /><ref name=":1" />.

==Consumer response==
The announcement sparked backlash in online communities. On Reddit, users called the change ''“complete bullshit”'' and accused Google of '''gradually eroding Android’s openness''' <ref name=":5">{{Cite web |date=26 Aug 2025 |title=Google will block sideloading of unverified Android apps starting next year |url=https://www.reddit.com/r/Android/comments/1n0f5zt/google_will_block_sideloading_of_unverified/ |access-date=26 Aug 2025 |website=Reddit}}</ref>. Many argued that Android is becoming indistinguishable from iOS, with some stating they might switch to Apple or Linux since Android’s openness was its key advantage <ref name=":5" />.

Independent developers raised concerns that hobby projects or sensitive apps (e.g., protest tools, ad-blockers) would be stifled, as not all creators are willing to submit government IDs to Google <ref>{{Cite web |date=25 Aug 2025 |title=Google will allow only apps from verified developers to be installed on Android |url=https://news.ycombinator.com/item?id=45017028 |url-status=live |access-date=26 Aug 2025 |website=Hacker News}}</ref><ref name=":6">{{Cite web |date=26 Aug 2025 |title=Google wants to verify all app developers’ identities |url=https://discuss.grapheneos.org/d/25235-google-wants-to-verify-all-app-developers-identities |url-status=live |access-date=26 Aug 2025 |website=GrapheneOS Discussion Forum}}</ref>. Open-source communities, including GrapheneOS developers, argued this would discourage FOSS development and give Google exclusive control over Android’s ecosystem <ref name=":6" />.

Conversely, some security experts and industry groups welcomed the move, calling it a reasonable compromise that still allows third-party distribution while deterring anonymous malware authors <ref name=":0" /><ref name=":2" />. Critics countered that determined attackers could still exploit stolen IDs, and that this introduces a “choke point” giving Google leverage over all app installs <ref name=":3" />.

Regulators had not formally responded within the first 24 hours, but commentators noted that the change resembles Apple’s '''Developer ID''' system on macOS and may be Google’s way of tightening control while remaining compliant with the EU’s Digital Markets Act <ref name=":4" /><ref name=":6" />.

==References==
<references />

Google Android restrict app sideloading

2025-08-26T21:01:02Z

SciaIsHere: Created new incident page for Google sideloading article

{{IncidentCargo
|Company=Google
|StartDate=2026-01-01
|Status=Active
|ProductLine=Google Pixel, Google Pixel Watch, Google
|Product=GrapheneOS
|ArticleType=Product
|Type=Erosion of rights, Digital restrictions
|Description=Google will block sideloading of unverified apps in 2026, requiring developer ID verification and narrowing Android's openness.
}}
{{Ph-I-Int}}
==Background==
{{Ph-I-B}}

==[Incident]==
{{Ph-I-I}}

===[Company]'s response===
{{Ph-I-ComR}}

==Lawsuit==
{{Ph-I-L}}

==Consumer response==
{{Ph-I-ConR}}

==References==
{{reflist}}

{{Ph-I-C}}