
Google play removed my productivity tracking app for spying - tahooie
http://www.everaccountable.com/blog/2014/10/16/out-of-the-blue-google-shut-down-ever-accountable
======
notatoad
from the appeal: "My app helps people avoid pornography by monitoring their
actions and reporting those actions to the person they specify"

from the features list: "...is hard to circumvent...", "option to remove the
icon in the status bar", "Accountability partners are notified if you ever
disable the app".

it's straight up spyware. it doesn't help you "avoid pornography" by blocking
it like you would do if you actually wanted to avoid pornography, just by
spying on you. Just because you put "for personal use only, wink wink, nudge
nudge" in the description it doesn't make it any less of an app designed to
invisibly and remotely monitor the activities on somebody else's phone. This
is exactly what the Google Play guidelines forbid, and if you didn't read them
before you published your app that's on you. Consider yourself lucky that you
got away with it for this long.

~~~
iandanforth
You seem to have made up your mind on the intent of the creator, and the
intent of its users. A constructive response however would have noted how you
think apps with non-malicious intent, targeting people who genuinely want this
type of functionality, can distinguish themselves.

When I read your response I imagine a description of a hammer, which has
"powerful striking force", and "a reinforced tapered claw", and "extra long
handle for extra reach and leverage." Clearly this is nudge nudge, wink wink,
targeting people who want to use it to hit other people.

As someone who has installed productivity apps that were too easy to remove
and specifically appreciates one of the features you derisively called out, I
think you owe the creator an apology.

~~~
Houshalter
We can't possibly know what the intentions of the creator are, but it is
definitely against the rules and for good reason:

Smartphones Are Used To Stalk, Control Domestic Abuse Victims:

[http://www.npr.org/blogs/alltechconsidered/2014/09/15/346149...](http://www.npr.org/blogs/alltechconsidered/2014/09/15/346149979/smartphones-
are-used-to-stalk-control-domestic-abuse-victims)

>85 percent of the shelters we surveyed say they're working directly with
victims whose abusers tracked them using GPS. Seventy-five percent say they're
working with victims whose abusers eavesdropped on their conversation remotely
— using hidden mobile apps. And nearly half the shelters we surveyed have a
policy against using Facebook on premises, because they are concerned a
stalker can pinpoint location.

~~~
duskwuff
And with this sort of "use case" in mind, the vague name "Ever Accountable",
innocuous-looking icon, and evasive description all work to the advantage of
abusive users, by making it unclear to device owners exactly what this program
is and what it's doing.

------
steven2012
It sounds like this sends a report of all Internet usage to someone, not just
the porn sites. That seems pretty weird to me and I can get why Google thinks
it's spyware. It is easily an app where someone could install it on their
spouse's phone without their knowledge so that they get a listing of their
entire usage.

To call it as productivity app where it is obviously a tracking app is
probably something that hurt your case.

Unfortunately the app is too close to actual spyware such that Google probably
would rather close you down than risk this getting bigger.

Maybe you can make changes to your app so that it's not sending everything,
just the porn sites and have there be some sort of notification to the user
that the report is about to be sent. As it is, from what I can see, it could
easily be used as spyware unfortunately.

~~~
colechristensen
Then again, if you're not fairly careful, anyone with access to your google
password can locate your phone, read your web history (Chrome), access backups
of your photos, see a map of where you've been....

I support Google's decision here, but let's be honest, without being a hyper-
vigilant user, the whole Google software ecosystem is an extraordinary piece
of spyware itself.

~~~
h4xar
True, but you can't sneak the Google ecosystem into someone's phone the way
you can sneak conventional spyware into it. Or can you? Hmm...

------
jwatte
Add an indicator that the app is running, and add some language in the
description that directly (not just indirectly) addresses the policy. Re-
submit and build up a new reputation.

Yes, that sucks. The entire "we'll take 30% of your money but you can't talk
to a real person and we won't tell you how we interpret your app in terms of
our rules" is ludicrous. In the U.S. the market is supposed to bring forth
more developer friendly app store ecosystems, but that isn't working so well.

Also, the "we'll terminate any other, unrelated accounts at or whim" smells of
anti-trust violations, but nobody has yet had the case, money, and time to
take them to task for it.

So, the two options are to conform like the minion to the system we all are,
or find another line of business.

I recommend adding the persistent notification icon and starting over.

~~~
tahooie
I have the persistent notification already. Android lets you remove the
notification, so I made it easier for non-savvy people to hide it. I guess
I'll take out the easy button, though my competitors all have it.

Also, I'll send an email to EVERY registered account on the device when it is
set up, instead of only the one they pick. That will make it even harder to
use this for spying on someone who doesn't specifically want to be spied on.

~~~
pgs
> I guess I'll take out the easy button

More than that, you need to make the persistent notification unremovable.

~~~
duskwuff
And, ideally, make the notification contain text that makes the application's
ongoing behavior completely clear, e.g.

"Your Internet browsing and application usage are being monitored by
EverAccountable, and will be reported to <email addresses>."

If the application's intent is indeed to keep its users "accountable", then
surely reminding the user that they are being tracked, and by whom, should
only enhance this purpose.

------
dragonwriter
Among all the defenses posted in the article, there is no indication that the
app presented a "a full-time persistent notification and icon that clearly
identifies the app" as required by the "spyware and phishing" policy linked in
the Google suspension email for apps that "track device user behavior".

So, that may be the reason.

~~~
x0x0
it, in fact, doesn't

    
    
       * Option to remove the icon in the status bar. The app will still run in the 
       background.
    

a choice quote from the very first review pasted here [1]

    
    
       So far so good I love this concept, its a subtle way to keep yourself 
       accountable with your friends help. The best feature of this app is its 
       kinda incognito in the since that you can let someone use your phone and not 
       have them wonder why you have and "accountability app" on your phone and 
       judge you. Unlike every other similar app, they have an option to hide the 
       icon from the notification area, which is very important. 
    

Yeah, it's a mystery (rolleyes) why google disabled this app.

[1]
[https://docs.google.com/document/d/1SGy3goNVFC7zKWn0Rm10pOMb...](https://docs.google.com/document/d/1SGy3goNVFC7zKWn0Rm10pOMbOZ38AHOKZHMA8diFvF8/edit)

------
fragsworth
Google is notorious for doing shit like this, you can't talk to a real person,
you're just fucked. All you can do is complain on social media.

They banned my game ([http://clickerheroes.com](http://clickerheroes.com))
from using their ads, which ended up losing them (and me) a small fortune in
ad revenue. In my case, I wasn't even told _why_. I tried to appeal several
times too, got rejected through what seemed to be an automated system, and had
no recourse. It's especially bad because they have an effective monopoly on
things like this. (The CPI on any other ad network is complete garbage)

I've had better customer service on things I paid $10 for. It's ridiculous.

------
Sonicmouse
It's a shit business model to rely on Google or apple got your pay check via
the App Store.

I've said it 1000 times. There is a story like this once a month where an
entire company gets shut down because you get on apples's bad side or google
decides they no longer need you.

Walled Gardens are shit. Even on google. Android is "Free and open" my ass.

~~~
piyush_soni
Well, theoretically (& technically) it IS 'free and open' (just that you won't
get Google play services if you want it that way, but there are manufacturers
which make Android phones without these services) - but yes, your first
comment is still right - relying your whole business on Google or Apple app
store is just not very good.

------
anigbrowl
I hate posts like this. The app has been removed from the Google play store,
so now we have no way to look at the marketing materials and offer suggestions
for how they might be changed or what the problem might be. Yes, app stores
should be more responsive, but there's no point in wringing your hands saying
'what could be the problem' when you leave readers in the dark like this. At
least paste in the original marketing copy or hunt down an archived screenshot
of your store page or something.

~~~
tahooie
I did manage to copy all the reviews and store description before it got taken
down. Here it is:
[https://docs.google.com/document/d/1SGy3goNVFC7zKWn0Rm10pOMb...](https://docs.google.com/document/d/1SGy3goNVFC7zKWn0Rm10pOMbOZ38AHOKZHMA8diFvF8/edit)

~~~
duskwuff
Based on that description, it _absolutely_ sounds like a covert surveillance
application, and I can completely understand why it was removed:

* "automatically watches every website you visit and app you use"

* "Very difficult to circumvent"

* "Option to remove the icon in the status bar"

* "Accountability partners are notified if you ever disable the app"

While the _intended_ purpose may not be surveillance, it ends up being very
well suited for that role.

~~~
codezero
I don't have the link handy but this reminds me of the guy who made a Gift
Card to Bitcoin exchange that started to get a lot of traffic and he was
surprised that this was a common path for money launderers.

------
moron4hire
People should be able to install whatever software on their computers they
want. "What if so-and-so grabs such-and-such's phone and installs it?" Well,
the same thing applies to my PC. A lot of opsec goes out the window with
physical access. Put a passcode on your phone.

~~~
dragonwriter
> People should be able to install whatever software on their computers they
> want.

And Android supports sideloading apps.

OTOH, that doesn't obligate Google Play to allow any software you want to sell
into their store, especially when it violates black and white terms associated
with the use of the store.

~~~
moron4hire
I don't so much have a problem with the Play store culling out certain
violating apps. I'd just prefer it that they do an honest, real job of it[0].
Either curate the system or make it open. What we have now are non-open
systems that are not actually all that curated.

[0] And that's slightly separate from whether or not non-app store programs
are installable. But I do think that Apple and Google have explicitly
attempted to discourage and obfuscate any process for doing so, even so far as
to call into question who truly owns the device, you or the corporation.

------
McDiesel
Firstly, im not saying this to be a dick... but it sounds dickish... sorry.

What it comes down to, is that its foolish to rely on a business that lives
entirely in someone else's garden... if google play just shut down tomorrow (i
know, not likely, but you never know with the way patent trolls are these
days) then you'd be just as screwed... if you base your livelihood on a
business you own that is in and of itself reliant on a third party, you're not
going to have much stability.

~~~
UnoriginalGuy
This attitude is tiresome and unrealistic.

There are a lot of businesses based on iOS/Mac app stores, Play Store,
Amazon's EC2 infrastructure, Amazon's seller marketplace, eBay/PayPal,
reselling (e.g. domains, hosting, etc), which won't meet your criteria.

Now let's look at non-digital goods: All new car dealerships, every shop in
rental space (which is almost all of them), all airlines, in fact all airport-
located businesses, government contractors, all franchises, et al.

So what businesses exist which aren't reliant on a third party? If we ignore
government as a "third party," there still aren't very many. Most businesses
rely in some part or a large part on a third party.

------
markbao
I sympathize with you and I hope that HN/Google does too, but please, please,
please include a description of the app that clearly describes how it is the
converse of what Google says it is, if you want people to understand why it's
different. As the second paragraph, if possible.

------
moron4hire
Why is this still a problem? Ultimately, because we treat mobile devices as
somehow different from PCs, and we expect different things out of their users.

A PC user is expected to understand that there is a certain risk involved with
downloading and installing a random program. We warn them, provide them with
scanning software, etc., but at the end of the day, we leave the choice in
their hands.

A mobile device user is expected to be an abject moron who willy-nilly clicks
on links and installs "apps" because "apps" aren't "programs" [0]. So we
curate and control what "apps" to which they have access, supposedly in their
best interests, supposedly fairly, supposedly blocking out the bad stuff.

Neither assumption is, of course, either incorrect or correct. We should
expect users to understand the risks of installing software, as much as we
should expect them to understand the risks of inviting a stranger into their
homes [1].

But at the same time, users are god damn idiots. It shouldn't be so easy to
tap-tap-tap install a program from who knows whom that has been recast as an
"app" and thus disassociated from the notion of "program" that they might
already know shouldn't be installed without trust.

App stores need to either shit or get off the pot. If you're going to claim a
curated app store, then curate the apps already. Either they are a curated
means of acquiring programs, and thus can be completely trusted, or they are
not, in which case they need to dump the concept that they are "official" or
"certified". This post-hoc nonsense is bullshit.

[0] I do know people who don't think of web apps as "downloading" anything,
and don't think of smartphone apps as the same thing as "programs". And I very
much believe it to be an intentional bit of marketing on behalf of the
operating system vendors to encourage people to prop up a nascent app market.

[1] Well, it is worse. You'll probably not be burned by letting every random
stranger you ever meet into your house. But of those same people, one of them
might be a software MBA, and concerning your computer, he sees it more as his
property than yours.

~~~
samdroid
On PC you download random software from the software makers website, not from
a Google or Apple site. Now, if you are downloading something from the
__Google __play store, that implies some form of responsibility by Google.
Google is being careful to stop some people from saying "I got a virus from
Google!!! They are evil!!!", and similar things.

~~~
moron4hire
Right, that is the point I'm trying to make.

That is the statement they are making, but it's not the reality. There is a
lot of what can only be described by reasonable people as malware in all of
the app stores. They are not curated at all. It just happens that sometimes,
an app has a complaint against it and an investigation leads to the app
getting banned. That's what I mean by the post-hoc system they employ.

And let's not even get into the issues of quality or uniqueness. How many
freaking compass apps do you really need?

If you're going to limit free, open installations, and market to users a
curated ecosystem, then curate the apps already. Create a review board. No app
goes published without human eyes overlooking it. I don't care that it will
reduce the number of approved apps (or the maximum approval rate). That's the
entire freaking point. Curate the apps already.

------
andrewchambers
If it is clear that the app is running, then I disagree with google. Maybe
they are concerned people will install it on other peoples phones?

That clearly isn't the apps purpose however.

------
general_failure
Well, this is the world we live in. A world moderated by apple and google. We
have to play by their rules. It suck but its a future we have collectively
chosen.

------
sergiotapia
>Hi, We have reviewed your appeal and will not be reinstating your app. This
decision is final and we will not be responding to any additional emails
regarding this removal. If your account is still in good standing and the
nature of your app allows for republishing you may consider releasing a new,
policy compliant version of your app to Google Play under a new package name.
We are unable to comment further on the specific policy basis for this removal
or provide guidance on bringing future versions of your app into policy
compliance. Instead, please reference the REASON FOR REMOVAL in the initial
notification email from Google Play.

\---

So you spend time investing in their platform, learning their outdated
toolchain, make them money, and they can just shut you down for no reason.
It's no wonder the vast majority of mobile apps are side-projects. Who in
their right mind would quit their job and join this crap-shoot.

~~~
tahooie
I hope that they'll get their act together on this! With only a $25 one-time
barrier to entry, I can understand that they probably have thousands of awful
apps being posted all the time. But they should at least show their
established developers the respect of working with us before shutting us down.

------
doctorshady
Google removing an app for spying? Isn't that like the pot calling the kettle
black?

------
squiggy22
Google web history. Pot. Kettle. Black. Would agree with other comments though
that the external sending of report to third party email address is likely the
cause. Making reporting solely related to the current user may help your case.

------
JeremyBanks
Mods, how about resetting this title?

------
IBM
The walled garden strikes again.

