Hacker News new | past | comments | ask | show | jobs | submit login
Open-source apps removed from Google Play Store due to donation links (zx2c4.com)
1438 points by regecks on Oct 16, 2019 | hide | past | favorite | 557 comments

We merged a similar thread, "AndOTP Removed from the Google Play Store Due to Donation Link", into this one. Perhaps we'll update the title to cover both.



Just to add clarity these were two different apps that were taken down: Wireguard and AndOTP (among others mentioned in this thread)

Wireguard had 50k+ installs according to its (now dead) playstore page: https://webcache.googleusercontent.com/search?q=cache:kSsZsb...

AndOTP had 10k+ installs: https://webcache.googleusercontent.com/search?q=cache:buaKcF...

[Prior reply got detached in some cleanup, so adding again here.]

An update on the WireGuard situation: they have reinstated the app _without_ the donation link. From what I can tell from talking to Google insiders, there has been no change in policy. Officially, Google has not communicated at all with us about it, so we're not sure what's up. But at least our app is available again to users, which is great.

Hmm, any idea how Google automatically catches a donation link? I feel like there's so many ways to do it that they must only be catching a handful.

My app also got taken down some months ago. I had a menu entry called Donation that linked to a web page containing a PayPal donation button. I'm guessing they are just looking for the string Donation in your app.

What app was it?

The OP says the process is manual.

Google Play In-app Billing does not support donations [1], so open source developers should be allowed to link to their own donation pages. Google Play policies do not spell out that linking to donation platforms such as Patreon is forbidden.

Disallowing developers from using in-app billing for donations, while also barring them from linking to external donation platforms, puts open source projects in a difficult position, and appears to be overly hostile towards funding open source development.

Google must clarify their position on whether they allow donation links in apps published on Google Play. The app takedowns [2] of the last few days show that this is a significant development, and it is of great importance for all open source developers.

It's best to publicly document the messages you receive during app takedowns, since app store policies are often vague, it's easy for reviewers to make mistakes, and having a clear reference for these decisions also helps the public assess the validity of the takedown.

[1] https://play.google.com/about/monetization-ads/

> Here are some examples of products not currently supported by Google Play In-app Billing:

> One time-payments, including peer-to-peer payments, online auctions, and donations.

[2] https://news.ycombinator.com/item?id=21268389

> Disallowing developers from using in-app billing for donations, while also barring them from linking to external donation platforms, puts open source projects in a difficult position, and appears to be overly hostile towards funding open source development.

Google Play has been very clear about this[1]:

> Fund solicitations

> Examples: Donation solicitations from parties without a valid 501(c)(3) tax exempt status clearly displayed to the public; solicitations from parties without valid proof of exempt tax status or proof of registration with the relevant country's regulatory bodies and authorities; and political organizations that have registered with the Federal Election Commission (FEC)

For instance, Wikipedia displays an external "Support Wikipedia" link in the main menu of its Android app[2] without violating Google Play's terms and conditions.

[1] https://support.google.com/faqs/answer/75724?hl=en

[2] https://i.imgur.com/MEut6yC.png

Sure, but why? If the rules clearly said "no chess games", one could say "that ends the discussion of why chess games are denied", or you could further ask "but why are no chess games allowed?". Is it because Google plans on having their own Google-Chess someday and thus is preemptively preventing competition? Is there a technical or regulatory reason chess games aren't allowed?

That's the question (at least for me) here: why are (non-tax-exempt) donations not allowed, beyond the tautological response of "because the rules say so"? I'm not familiar with the regulations around this area, so for all I know there's a great non-Google reason for this and Google just wants to avoid the hassle of conforming to some law. Or maybe donations is a feature they want to eventually support in Google Play and they don't want to have to force a bunch of apps in the future to switch once they add it (which would be a more disappointing reason). Perhaps they're afraid that it would create a loophole where people could get around the 30% cut since psychologically it feels shitty for someone to middle-man a donation, but then if they made donations Google-tax free, everyone would just choose "donation" and they'd have to police this.

My guess is it's ripe for fraud. Find open source app, put on Google with your donation platform of choice, profit!

By requiring government registration my guess is the hope is both that the fraudsters will be caught or dissuaded and if they do make it past the government registration then when the real devs complain Google can say "take it up with the government. They mis-licensed. We just followed their license"

My guess is you missed the point of Free Software. Anyone can use it in any way, including selling for profit. "Free" as in "freedom", you know

Recently I created a small homepage with different re-packaged versions of Java: https://jdk.dev

All that alternative packages are free of charge but they have extended support from a number of big companies. All these companies funded separately, there's no common place for donations or something.

That's totally ok in the world of Free Software. Pick any source code you want, repackage, rebrand it, sell it as you wish and may the Force be with you. People do it all the time.

Just because the license lets you do what you want with the code doesn't mean you’re allowed to commit fraud.

For example, if a person were to repackage someone else's open source project with a link that says, "Donate to support the development of this software" that's still fraud (assuming they keep the donations).

I understand your point but we should not assume criminal intent without some solid evidence.

Back in days I paid for CDs with only open source software because internet was too slow. CDs were definitely priced for decent profit. The beauty of opensource is that we can do this legally.

But this isn't a discussion of assuming criminal intent of a particular actor. This is a discussion of a rule to prevent actions by a hypothetical criminally-inclined actor...and thereby prevent a platform from getting a reputation for that criminal action.

I like that page but really not a fan of the font. It looks... dirty? Like writing with ink on wet paper.

If they repackaged the app, gave it out for free, but changed the donation link how would that violate the license?

I suspect OP was referring to the non-profit status given by the government as “the license,” not the license of the source code.

And a non-donation in-app payment isn't open for fraud?

If it was a normal in-app payment it would go through Google. Where it could be tracked, identified as fraud, and stopped.

You misspelled "Where it benefits Google, no matter whether it's fraud or not".

I am okay with that. No one is forcing anyone to use the Google service.

You are forced to use either Apple or Android or a Windows PC to acces many services that are essential to modern life. Android would probably be the cheapest option. So if you do not want to use Google services you would have to pay premium. For many people it is not an option.

I am not and I am not using neither Apple, Android (I am using the FOSS version, I guess that does not count as Android in this case) nor Windows and I am not missing anything, and I'm not frugal in this sense (most of my friends consider me a guy living in the future). And I am not paying premiums. I simply prefer web apps over native apps, it's a breeze with PWAs.

All government services where I live require Windows/Android or Apple. For some time I used Android in a VM for tax declaration etc, but the developers first banned the OS build name, so I changed the build name :P But then they found some way to figure out that I was using a VM. My hope is in PWA's, but the problem with PWA's (it's a feature really) is that it's harder to fingerprint and spy on the user. Also meaning it's harder to catch abuse like identity theft. I know there are ongoing work on Web ID standards where you can have a cheap second factor device as key. So it looks promising. But then there are the platforms, what incentive do they have, (more then empowering their users and developers), to actually enable a layer like web browsers that circumvent their monopoly status?

The requirement for provable non-profit status is a legal requirement. A new federal law that passed last year makes it so any "online" content distribution network (including Google play) is legally responsible for any crimes committed by someone else listing a product or message on their platform.

Basically, if you include a donation link in your app without proving non-profit status you could be committing fraud, and Google could be held equally responsible to the crimes of the app being hosted. Google also has to report non-tax exempt profits made by any app/content they host in many locations, so only non-profit groups may link to a 3rd party payment system without violating legal statutes in some countries/states.

> Basically, if you include a donation link in your app without proving non-profit status you could be committing fraud,

How is it fraud to ask for donations without being a non-profit?

> Google also has to report non-tax exempt profits made by any app/content they host in many locations,

I am not familiar with google's payment model, but is there no way to charge users except through Google for google play apps?

How is it fraud to ask for donations without being a non-profit?

It's higher risk for sure. Non-501c3 donations are the kind of high risk small peanuts you can imagine a behemoth like Google wanting to get away from.

Thank's for the insightful response. I figured it was google covering their financial butt.

Because it saves google some hassle in policing shady monetary schemes. As soon as money is involved it is a massive hassle. Going outside of established monetary policy opens up a massive hole of shenanigans. Not to mention every app you download would have huge incentive to put up endless patreon/donate buttons that would go outside of googles carefully crafted walled garden, yet they would be held responsible for shady practices.

So they want the app store but as soon as it gets comlex or difficult to manage they kick up their heels and ban apps rather than stepping up to the plate and owning thier problem.

It seems like either (1) Google fears getting in legal trouble, or (2) Google wants to tax the transaction.

Their house, their rules.

Right, but I’m outside their house, asking others who are standing on the sidewalk with me, why they think they have these rules.

Smartphone app stores are a duopoly, so I don't think Google should have total freedom to decide what they allow and what they don't.

There are at least three, actually, since Amazon also runs their own store which can be installed on any Android device. Samsung has another one specifically for Samsung devices, and there's also F-Droid though that might not count as a "store" since it doesn't handle payments. Anyone else can start their own the same way. Only the Apple devices are restricted to apps from their vendor-specific app store.

A great way to have nobody come to your parties.

Or a good way to avoid having party guests trash your house.

Can't have party guests trash your house if nobody comes to your party!

taps finger on temple

Problem comes when they own 90% of houses

It's pretty obtuse to only permit 501(c)(3)s.

Likely this is Google avoiding additional regulatory complications/KYC. It's cumbersome to prove you're not enabling money laundering or funding terrorist organizations if you're an arbitrary money sink.

But I'd expect better than Google, a business with an astounding $836B market cap. They could just buy a company that primarily handles this sort of money flow (e.g. Streamlabs)

It's understandable that they want to process payments only for registered organizations, but that still does not explain why are open source apps being taken down for linking to an external page that lists ways to support projects.

Probably because Google or it's financial partners have compliance programs that require all money flows they enable go through the required regulatory channels.

If an affiliated party is breaking regulations, you can often get in trouble by continuing to be associated with them once you're aware, and ignorance isn't a valid defense.

It's unlikely that GitHub subjects themselves to legal risk by allowing developers to link to Patreon [1]. I think this issue has more to do with Google's priorities, than what is legally possible.

[1] https://help.github.com/en/articles/displaying-a-sponsor-but...

Patreon assumes the bulk of the legal risk, and GitHub probably is ok with Patreon.

FWIW I agree with you, Google isn't prioritizing solving this properly and is opting to take the easy way out

Oh do come off it. This is bureaucratic bullshit at its' finest.

We're talking about a hyperlink in the app. Linking to wireguard.com would be fine.

How about if wireguard.com had a big donate button?

How about if wireguard.com has 'Donate' in bold?

I know you're not the person actually signing off on this - but to the one that is - fuck you. In bold.

No-one is getting sued because of one step being removed in a hyperlink chain to a donate button. If they are it's getting thrown out instantaneously.

Characterising a link to a donate button as being in _any way_ related to aiding money laundering is ridiculous.

Cease this insanity.

It's not a lawsuit that people are afraid of. It's potential action from financial regulators, who are famously inflexible and disinterested in being nice to open source software developers in genuine financial need.

Parties like Google and Apple are well aware of the potential consequences, and thus are similarly inflexible and disinterested in being nice to a fairly small group of use-cases that exposes them to an outsized amount of risk.

It's really, deeply unfortunate. It's incredibly painful for everyone who has to deal with this bureaucratic bullshit. Unfortunately, it being bullshit doesn't make it less real or less reasonable.

Unless you're casting literally any action ever as being subject to "potential action from financial regulators", which is theoretically true but simply asinine to discuss, this completely misses the point.

It is not a real concern for Google to have a hyperlink https://wireguard.com/donations buried inside an app distributed on the Google Play Store.

I don't believe your concern is legitimate. It's arse covering gone mad, sorry.


You can email me, my email is in my bio, and I will respond with a way that you can send me money. If dang reads this post and does not take it down, does that put HN at risk of AML action for potentially 'aiding the money flow'?

edit: actually, you can click through enough links on my bio and get directly to donation pages. now we're really fucked, right? who's gonna turn off the lights?

Your rhetorical is not equivalent. Google Play Store is a marketplace. Google facilitates transactions -- from users to app developers. Some transactions are free, but Google's financial partnerships might mandate that certain regulations apply to the entire Google Play Store ecosystem. I could be wrong, but I'd reckon this is a grey area and Google is opting to avoid the problem altogether (IMO a bad choice).

This website is different -- not just free -- there is no financial partnership in play (as far as I'm aware). But rules still apply. If you put a link in your profile taking donations for Syria, the operators of this site are obligated to comply with OFAC sanctions and I'd expect your profile to change pretty quickly.

In this case, I'm guessing Google is opting to choose the path of least resistance, and rather than perform due diligence and KYC for apps which solicit donations, they've chosen to just... not do that.

They haven't chosen to just "not do that".

They've chosen to pre-emptively cover their arse against a risk less likely than an asteroid hitting Earth by just nuking the apps.

There's another thread on HN about this right now - I don't know how these people can like, exist, in this world, with every one of the hairs on their head individually combed into a perfect slick. Can you even eat breakfast without worrying about some tail risk?

Too much HN for today, methinks. I'm so glad that the normal people I interact with in the world aren't this wanky (I don't mean you or other posters here, but the bureautwats that actually implement this stuff)

Honestly, I'm in agreement with you.

You're right, and the Google is wrong.

Really? Because Chrome allows me to navigate to all manner of sketchy sites- should Google be dropping Chrome? I mean, it's about as specious of reasoning as claiming that financial regulators will go after Google over donation buttons in apps. At that point, the whole thing is so far removed that it feels like being worried over getting struck by lightning. Heck, Chrome will even autofill a saved card into a donation page for me. Does Google need to follow KYC for every Chrome user and every page they visit?

Sure, maybe the argument can be made, but come on. We all know this is so that Google can get their nice 30% cut, and cut off any alternate funding sources for Android apps. Otherwise, shady developers will just require a "donation" instead of a purchase. That is behavior that Google would be reasonable to police, but to claim that action from financial regulators is what's causing this is just silly.

So many services use KYC/AML stuff as a catch-all excuse because it's easy to claim 'tip-off' provisions and just flat out refuse with no further information.

It's just your bog standard wanky corporate dishonesty. Nothing new under the sun.

Google does not exercise significant control over what websites a user can visit with Chrome. They certainly don't maintain a whitelist. Some might opine that the Play store is perhaps a slightly different matter.

It may also be worth considering that actions can, at some times and in some situations, be taken by human beings for multiple reasons with multiple independent motivations. All of which are real, genuine reasons.

They maintain a blacklist though, called Google Safe Browsing. Perhaps Bitcoin sites should be added to that to prevent money laundering. Pornographers should be licensed, otherwise omitted from search results.

Too many adverse effects you say? Sorry, that's just the way it is, no use complaining.

They are not enabling this money transfer. They have nothing to do with it at all.

It appears only non-profit organizations are allowed to use Google Play In-app Billing for donations, which is fine.

But why are we forbidden from linking to an external page that lists other ways to support a project, such as Patreon?

I think we should stop being apologetic, and begin to call out Google for the damage they are inflicting upon open source developers.

> If only non-profit organizations are allowed to use Google Play In-app Billing for donations

Nobody is allowed to use Google Play's in-app billing for donations, and only organizations with a valid tax exempt status can link to an external page that lists donation options.

The page you linked to lists activities that are forbidden if you use Google payments.

> Any individual or business processing transactions with Google payments must adhere to these policies.

Maybe the Software Freedom Conservancy[1] or Software in the Public Interest[2] could help open source Android apps take donations.

[1]: https://sfconservancy.org/ [2]: https://www.spi-inc.org/

What do you do if you aren't based in the US? Are you able to gain a tax-exempt status or do that only applies to US orgs?

> Examples

Since those are examples I hope this also covers tax-exempt charities in other jurisdictions.

I switched to the german site and it still only refers to american laws.

The full text says "relevant country's regulatory bodies and authorities".

"Examples: Donation solicitations from parties without a valid 501(c)(3) tax exempt status clearly displayed to the public; solicitations from parties without valid proof of exempt tax status or proof of registration with the relevant country's regulatory bodies and authorities; and political organizations that have registered with the Federal Election Commission (FEC)."

> solicitations from parties without a valid 501(c)(3) tax exempt status clearly displayed to the public

As far as I can tell (though I am no expert) it would be very difficult or impossible for an open source project to qualify for 501(c)(3) tax exemption. And even if it was, the cost in both time and money to obtain such a status would not be worth it for small open source projects.

What you quote seems to be the Google Payments policy, not the Google Play policy:

"Any individual or business processing transactions with Google payments must adhere to these policies."

These apps weren't using Google payments, and it is suspected that they were taken down for not using Google's payment systems (despite not being allowed to).

>Any individual or business processing transactions with Google payments must adhere to these policies.

Are the developers using google payments for other things/apps? Because in the context of these specific apps they are not using Google payments, so the policy wouldn't appear to be applicable.

> (...) puts open source projects in a difficult position, and appears to be overly hostile towards funding open source development.

This is the problem of developing free software on a non-free platform. They have absolute control of your work under their own terms, no matter how ridiculous they are. I never understood why the google play store is a socially acceptable idea for free software developers.

It's the most widely used software distribution channel in the world. I'm sure most would prefer to distribute on F-Droid but open source developers want their apps to be successful too.

... and this is why it's a good idea to use F-Droid instead of the Google Play Store if you can.

> Google Play In-app Billing does not support donations [1], so open source developers should be allowed to link to their own donation pages.

Ok, I had to stop there. They have no claim to this as long as they distribute within the store. It would be nice if google allowed this, but there is no obligation. App Stores are monopolies and should be regulated to allow open distribution.

I just cannot comprehend how there are thousands of predatory apps on the store and these apps get banned.

Aside from that it should highlight problems with app stores as a model for software distriubtion in general, although I don't have much hope that this will happen in the immediate future.

That there even exists such a rule is ridiculous and unacceptable in my opinion.

I don’t believe cable tv, for how locked down and awful it is/was, ever went so far as to try and limit any spending outside their own platforms. Perhaps it was a lack of innovation, but the internet and the world of software licensing is gross by comparison

In this case, can't you simply have a one time purchase instead of a donation ?

There are always workarounds, but that is not the point. We must not allow these platforms to discriminate against funding open source development through donations.

Perhaps the solution would be to allow users to buy a 'virtual currency' in the app that actually doesn't do anything? It could be argued that this is a vanity item, like cosmetics, and so is exempt.

Why can't open source app developer have companion donation app like many freemium android apps do?

WireGuard was reinstated after Jason has submitted a new version which does not contain a donation link. The issue has not been solved, and Google did not yet contact maintainers to clarify whether they would be allowed to have a donation link in WireGuard.

Several other open source apps are still missing from Google Play, including andOTP.

While WireGuard was bought back online, version 0.0.20191013 was briefly made available (with a donation link) before it got updated to version 0.0.20191016. Again, the current version of WireGuard does not contain a donation link.

This is the original version of the post, which has become inaccurate minutes after it was posted:

> WireGuard has been reinstated [1], and the donation link is in the app menu (version 0.0.20191013).

> Google has reversed its decision to remove an app that contains a link to a donation page, likely because of public scrutiny.

> I'm hopeful that people will continue to seek answers for why Google has begun to remove these open source apps, there are several of them mentioned in this thread alone. Please don't allow this to go unnoticed, the future of a bunch of less popular open source projects may depend on how this issue is perceived by the public, and addressed by Google.

> [1] https://play.google.com/store/apps/details?id=com.wireguard....

If it really is because of public scrutiny, IMHO we shouldn't actually treat it as if it happened at all - a corporation that only responds to public pressure like this should be shamed and avoided.

(slightly expanded version at https://news.ycombinator.com/item?id=20829422)

An update on this: they have reinstated the app WITHOUT the link, and there has been no change in policy, according to insiders. Officially, Google has not communicated at all with us about it.

It's disheartening to witness some of the arguments in this thread defending Google, saying that disallowing open source developers from linking to their Patreon pages is a legal requirement, because Google is legally liable (while the rest of the internet apparently isn't) for the payments that may happen on Patreon by following those links.

> Google has reversed its decision to remove an app that contains a link to a donation page

Are we sure that this is a decision reversal, as opposed to just reinstating one (or a few) apps?

This is why it is important to continue questioning their actions, a bunch of other open source apps remain taken down, or were forced to remove their donation links. The issue of donation links in apps must be clearly addressed by Google.

Could you double check 0.0.20191013? My phone just updated, and I'm seeing the APK version that has the donation link removed, 0.0.20191016.

I haven't received any further emails from Google (yet?), so I'm still uncertain as to whether I have any sort of green light to republish a version with the link.

Yes, 0.0.20191013 has been freshly installed on my device from Google Play right before I posted, and has a donation link. I see the version published on Google Play has been updated since to 0.0.20191016.

Oh, super. Thanks for confirming. I'll wait a day for some response from Google, I suppose, and then decide whether or not to re-add it. I certainly don't want to inconvenience users again.

But was it a version with the donation link removed?

The version with the donation link was up only for a short period, and then it was superseded by the new version. The currently published WireGuard version has NO donation link.

The very same thing happened to manyverse (android ssb client) the other day. Got de-listed, resubmitted without donation page, now it's back up.

How google tries to claim any sort of support for open source is beyond me. What open source app doesn't need a donation link? Those approved and funded by google don't, okay. But other than that?

Oruxmaps even had a donate version that went through proper Google channels when the free version was forcibly removed either for a donation link in the app that was incompletely removed from the Play store build variant or because of a donation link on the product website. It never came back, now the paid version on Play is effectively a billboard "you could save those dollars by going over to F-Droid where we are payment optional".

This is good news for F-Droid.

I just wish F-Droid had a better design but I guess that's just the nature of OSS. It always looked a bit shady and out-of-date, which probably hurts it's popularity.

Someone started a G-Droid project[1] with the goal of being a better local client for F-Droid. It's not a full replacement yet, but has many additional features and a better UI. Hope it takes off and perhaps gets integrated into the main client some day.

[1] https://gitlab.com/gdroid/gdroidclient/

Well, throw them a couple of bucks a month, they have a donation button on their homepage ;)

But the design is fine, at least with dark theme. For me, the UX is better than Play Market.

The strangest fact is, those donation pages only have some links, there is no in-app payment. I don't understand what Google is thinking about when they banned donations...

Wait. I suddenly understand something I've seen previously...

There is a workaround! You simply upload two versions of the app, the free edition and the supporter edition. The support's edition is a paid app. You can ask the users who want to support you to install the paid app in your free app. The program itself is still 100% free and open source, there is no functionality restrictions in the free app, the donation notice can be turned off - just as a way to encourage donations. And it's nothing against the rules of the store.

> I don't understand what Google is thinking about when they banned donations.

They're thinking that they're a monopoly and can do whatever the hell they want without needing to justify themselves?

hazarding a guess, i’m assuming people tried using off-platform payments described as donations to sidestep play store payments

Yes. This is what I suspect. But knocking out all donations using a big ban hammer is not acceptable here, it should be decided on a case-by-case basis. For example, a standard I can think of, is distinguishing donations and payments that influence the functionality of the application/service, and those that have no effect.

> But knocking out all donations using a big ban hammer is not acceptable here

To be fair they didn't. You can accept donations if you're an actual charity (like Wikipedia is). The line they drew isn't perfectly fair, no, but it's not a full ban hammer, either.

As far as I can tell, probably!

That way google gets a cut of the donation.

Oops, it's not a good idea! I now see the motivation behind it!

This is the reason Apple started doing this way back. Sad to see Google follow suit. I guess the bottom line is the bottom line...

I thought this was a Apple only thing and Google doesn't do this. For example, you cannot buy Audible books frim iOS apuo but can from the Android app.

You can, but I don't think you're supposed to direct your users to put their credit card info in, that all needs to be handled somewhere outside the app (with a message like please sign in on our website). Which seems very blatantly anticompetitive to me.

Now that I think of it, Uber has you put your credit card in. I'm not sure why that's allowed

It's allowed because Play Store in-app billing is only required for digital goods & services fulfilled by the app, not physical goods & services fulfilled outside your device. Uber isn't selling you app functionality, they're selling you the physical service of transportation, so they're exempt.

Quote from policy [1]:

Developers offering products within another category of app downloaded on Google Play must use Google Play In-app Billing as the method of payment, except for the following cases:

- Payment is solely for physical products

- Payment is for digital content that may be consumed outside of the app itself (e.g. songs that can be played on other music players).

[1] https://play.google.com/about/monetization-ads/payments/

Oh, what if the donation link added you to a list of contributors to the website. Seems like that would be "digital content that may be consumed outside of the app itself" which might be a workaround. Google might ban it anyway of course

I am sort of annoyed the other replier didn't see the sarcasm here, so I'm going to point it out, and note that it's funny -- seeing the motivation behind a behavior doesn't automatically invalidate it.

To clarify, it’s a 30% cut, not just some small payment processing fee.

What’s wrong with that? They’re paying to host and review the app and create the platform it runs on.

It's arguable since it's "donation" so one may expect to get the full donation instead of 30% cut by google but one may argue what exactly is (or isn't) a donation.

I’m not sure why you’d expect to not pay a fee. Google’s expenses are the same for apps that take a charge as those that take a donation. Credit card processors charge the same fees on donations.

A donation doesn’t magically make everyone else work for free.

> Credit card processors charge the same fees on donations.

Yes, they charge 1/10 of what Google charges. The 30% has nothing to do with how much it cost them to run the service, so let's not pretend that they _have_ to charge them.

(I'm not saying they should offer cheap/free donations, I just don't think it's fair to talk about how much it costs them to run the service given that that's clearly not the driving factor)

A paid app means Google gets to claim some revenues out of it.

So Google can make the donation go through them, cripple the normal version, and take a 20% processing fee?


And then Google gets ~30% of your donations.

For sure Google would reimburse that rake off since they have been prodigious beneficiaries.

That's what PPSSPP already does. AFAIK PPSSPP Gold only differs in price and the icon.

So Google get what they want. The sweet 30pc cut on donations

Seems to have happened to AndOTP:


This is ridiculous. May as well only publish open source apps on F-Droid and similar.

Open source app can be compiled and installed without Google play store. If you are hosting on their platform, you adhere to their rules, you are not paying monthly for your free app download bandwith and storage do you ?

That doesn't mean you can't question (and even criticize!) the rules or their application.

Wow great point. Now why the hell can't they have a donation link?

Because you can't use Google's store as a sales funnel without giving them a 30% cut. It doesn't matter if you're a company taking payments or an individual accepting donations.

Wrong. You can’t even use Google with giving them a 30% cut since donations are prohibited from Google Payments.

I'm not a lawyer, but aren't sales and donations quite different? For instance donations tend to have negative taxes...

Not unless your entity is 503(c) tax-exempt which is explicitly allowed by Google.

These “donations” are more like tips, which are treated as taxable income.

I don’t see the problem here. The outrage in this thread seems more about people wanting a different set of rules for OSS and possibly avoiding income tax than anything else. If there are a different set of rules for OSS, then that just makes it easier to abuse the platform. Google’s policy seems fair to me.

Hmm, yeah, I guess that if we want patronage to become a viable economic model, then it will have to be taxed at some point... Since I mostly give to (AFAIK) tax-exempt entities, I didn't think of this...

But neither seems to have Google ! While the global license/patronage debates are already a decade old, and we have seen new companies get started and even established in this sector (Patreon). For instance this "donations" page only seems to cover non-profits ? https://www.google.com/nonprofits/offerings/google-donation-...

"Tips" might well be taxable income. But that doesn't automatically entitle Google to a cut of them. Talk about a greedy land grab.

> you are not paying monthly for your free app download bandwith and storage do you ?

Do I have that option?

It's unfortunate that the developer resubmitted the app without the donation link, open source projects having a donation link in their apps does not violate Google Play policies.

> Here are some examples of products not currently supported by Google Play In-app Billing:

> One time-payments, including peer-to-peer payments, online auctions, and donations.


It indeed is unfortunate. But what other recourse did we have? The first objective, before we even consider donations or anything, is to make our software available and functional to our users. So we had to resubmit. And it's not like the resubmission process is instantaneous; as of writing, the app still isn't back in the store.

But anyway, now what? Let's say things return to normal, but we still want to put the silly link in the app. Our appeal was rejected. We could send letters, I suppose. Perhaps this article on HN will get the attention of the right people? We could appeal the appeal, maybe. And then appeal the appeal for the appeal. At what point does this become a waste of energy that could be spent coding and improving the app in other ways? It's hard to know where to draw the line and which battles are worth fighting. I'm happy to hear folks' opinions on the matter.

I certainly agree, though, that it is unfortunate.

Donations are not supported by in-app purchases, and I'm sure this doesn't mean open source apps are not allowed to sustain themselves by showing a donation link. Or if that is Google's unwritten policy, people must make their voices heard, this abusive behavior cannot be accepted.

I would resubmit the app with the donation link and continue to document and share what happened. Please do not allow them to set a precedent with a popular project like WireGuard.

It's important to share every detail of the issue, the messages you received, your replies, and the policy links you were given about the alleged policy violations.

I think what you are proposing is to make an ideological fight out of this issue, that is exactly what the author describes as "a huge time-drain that does not make the app better" and exactly the opposite of what he meant with "choose your battles".

Let me say that I think you're morally right, but it is probably not a reasonable choice of actions for the author and the users of the app.

There is no need for an ideological fight, because there is no written Google Play policy against donation links in apps. This is most likely a mistake made by the reviewer or an automated system, and I believe they should follow up on it to sort things out.

> I believe they should follow up on it to sort things out. reply

I'm sure you believe that.

Do you work at Google in a position to supervise app reviews? Because if you do, then you can help straighten this out.

If you don't, then it is hopeless. Technically, Google has the right to drop any app for any reason whether it is fair or not (so suing them or something isn't an option). OP already followed the ONLY channel that Google provides (an "appeal" handled, I presume, by a bot that generally issues quick, automated rejections. Sure, I wish Google had a better policy, with some sort of genuine appeal policy which included genuine human review, followed a consistent policy, and most likely had a public record of decisions... but they don't.

I wouldn't assume up front that any action is hopeless. There are many Googlers on this forum and issues like that get forwarded and discussed internally. Google has Open Source Programs Office which used to have a lot of clout inside the company, at least at the time when I worked there.

You are effectively proposing to spend the donated money on improving the Play Store instead of on improving Wireguard.

It's amusing - I feel it's almost like causing a media "storm" is part of the whole "AI powered" process they've got going on. Create Reddit/Hackernews/tech blog outrage and maybe a human might step in and reverse the decision.

You can look at r/videos and see how many examples there are, the link in [1] provides quite a few...

So hey, go get people to repost across social media, maybe get a nice trendy hashtag going like #freewireguard and maybe their "AI" (or PR department) might actually do something useful.

Because to me, I've noticed more and more companies only reverse decisions or backpeddle once there's enough shit flying at them (See Blizzard recently, for example).

[1]: https://old.reddit.com/r/videos/search?q=flair%3AYouTube%2BD...

Of course. No company will admit fault unless forced. The best PR move is wait for it to pass.

I can almost guarantee you that a googler who reads hn has submitted this issue to an internal mailing list and you will get special treatment for this problem.

It's fucking infuriating that the only way to get the attention of a human at Google is to know someone or to frontpage HN.

Time for HN to branch out.. "HN Eyeballs, submit your gripe with Google, we'll show it to Googlers based on their IP address".

As soon as you do that, the effect is gone. It can only ever work in a few isolated cases. Attention arbitrage so to speak

Or in Germany to get an emergency court order ("Einstweilige Verfügung"), dunno if the US has a similar legal venue. At least with an EV you get the immediate attention of their legal department.

The US does, but courts are reluctant to issue them in general. Since google as a fair chance of winning the courts will probably reject the immediate order, and then this drags out in court for a few expensive years before a ruling is issued that could go either way, and either way will drag through the appeals process for many more expensive years.

Does GDPR cover these kind of issues where accounts/apps are demonetized or taken down because of some automated process mistake?

In England you can sue a company for failing to follow its own policies but I don't know if this is possible as a small claim. If not it's probably eye-wateringly expensive.


Yes, it does actually. Article 22 of the GDPR covers this.


GDPR doesn't cover apps, or organizations a data subject can only be an individual.

Individual developers (sole proprietors) are covered under GDPR!

They are, their products aren't. This is about a decision being made on the basis on PII not just an arbitrary automated decision.

My app was also removed a few months ago for this. In the email they say you have to use Google Play In-app Billing, however:

> Donations to 527 designated tax exempt organizations are also permitted.

So if Wireguard becomes a proper tax exempt organisation it would be ok.

If you want donations but aren't tax exempt there is basically no way to do it. However you could easily work around it by offering something trivial like a badge (games can use IAP to purchase trivial things like hats). The downside is that Google take their 30% cut.

I was going to suggest this too. According to the Android dev site "Google Play Billing can be used to sell the following types of in-app products: One-time products: An in-app product requiring a single, non-recurring charge to the user's form of payment. Additional game levels, premium loot boxes, and media files are examples of one-time products."[0] So could you have buttons to buy a "bronze supporter badge", "silver supporter badge" etc. (trying to avoid using the word donation in case it triggers something), perhaps even enabling a "Show my supporter badges" page that shows the ones you've purchased? Kind-of unnecessary extra dev, and as you say Google will take their hefty cut, but might be better than nothing.

[0] https://developer.android.com/google/play/billing/billing_ov...

You could probably just sell it as "get name on Wireguard website".

And then Google get 30% of it.


> Google take their 30% cut.

AKA follow the money.

google gets a 30 % cut. I wonder about the exactwording and legalese. so if someone is financially endowed then could they make a simple game or a loot box bonus, that pays people to play it. then google would owe 30% to that player.

just to stir the pot and see what happens.

>Apps that employ in-store or in-app purchases must comply with the following guidelines

A donation is not a purchase.

So what is stopping all apps from being “free with a donation”?

The same thing that stops random stores from being "free with a donation"? Laws, tax fraud, etc. .

There's no law against it. You just have to pay taxes on it as it's just a normal income if you're not a charity.

It’s not “tax fraud” to ask for donations even if you’re not a non profit. A for profit developer can ask for a “donation” to get feature X.

Because the huge majority of users don’t donate?

Can someone explains me why PayPal's app is then allowed per this policy ?

Because you can't add funds to your PayPal account through Google Play billing. It has its own billing platform.

I use WireGuard daily since 2017, and it's one of my most favorite computer programs in the entire world - robust, reliable, state-of-art cryptography, and seamless integration into the system.

I've never donated to WireGuard before, and I didn't think about donation (I installed WireGuard from my package manager and didn't realize a donation link exists), until now.

Just donated 25 USD.

Thanks Jason. No thanks, Google.

Me too. Just donated. Awesome software.

In an ironic twist, our app that Google supported via Summer of Code was removed.

Whoever came up with this policy and started enforcing it at Google is completely tone-deaf, needs to be fired and publicly called out so we can set an example as a community that this sort of behavior will not be tolerated.

We have contacted engineering leadership at Google and they are in the process of figuring out who it is internally.

As crazy as this policy is, firing and publicly shaming an employee is not the right response to a poor decision by an employee.

I feel it is. It's an effective platform for (positive) change, in this case.

I think this is a bad decision, but I don't want to live in a world in which people risk their privacy by making poor decisions.

We just need processes to learn and avoid doing mistakes twice, and shaming is a poor way to do it.

If I risked being ashamed when making decisions, I would probably avoid decisions altogether. This would be awful. The discussed decision is not even out of law.

What we can do though, is to tell people we know and love about F-Droid and suggest them to only fall back to the Play Store if they don't find what they want, and that they should be aware that by doing so, they enter the jungle and that this jungle follows Google's arbitrary rules, some of which are not in their own interests.

If you think that's an appropriate and proportional response to an employee making a mistake or misunderstanding an internal policy, I sincerely hope that you're not in charge of anyone at your day job.

I'm pretty sure "whoever came up with this policy and started enforcing it" has significant leeway in their decision making. Having the power to come up with new policies to enforce also means that you should be ready to take responsibility if those policies turn out to be bad.

Sure, but this person was probably given another set of more general policies to work with, and what they came up with was reasonable for the vast majority of cases. It's hard to imagine every single edge case (open source apps with donation links are definitely the minority) and policies will evolve over time to be more comprehensive.

Please share more details about your app and its takedown, it's important to publicly document the issue.

Yes, let’s publicly shame and fire people over business decisions we disagree with. Cancel culture!

Ugh, app stores!

No one needs them for discovering new software. You go to the app store to get a specific piece of software you already know about and whose reputation you’ve already verified.

No one needs them for code signing. If you want the real firefox.apk you can download it from https://firefox.com/ and notice a lack of SSL alarms going off. What’s the code signing for — to let me know that HTTPS works?!

All I really want is an OS facility that only executes code that has been installed explicitly by me, and always in a sandbox. That’ll stop that dodgy email from executing r00t.sh via an exploit in my mail client.

App stores and code signing popups are proxies for that kind of OS facility, but I’d rather it was just part of the OS explicitly.

App stores leave me with all sorts of unwanted properties, namely Google / Apple throwing their unwanted opinion around. Search for Instagram in the iOS App Store: the top UI element is “InstaMap”, thanks Apple!

> No one needs them for discovering new software.

There's also people that don't know that they need "Firefox", they just want a browser. Or a tool to print envelopes or crop an image. So they search in the app store and they know it'll probably be okay.

If you search for this online you'd get a bunch of SEO spam sites, shady tools among other things. At least due to the developer fee and reviews there's at least some barrier of entry (Also if it's not perfect).

> App stores leave me with all sorts of unwanted properties, namely Google / Apple throwing their unwanted opinion around. Search for Instagram in the iOS App Store: the top UI element is “InstaMap”, thanks Apple!

Apple's search is notoriously bad and the perfect case to apply Hanlon's razor.

> So they search in the app store and they know it'll probably be okay.

Bad plan, both on iOS and Android. You should not be installing random apps unless you vet them first.

People keep going back to the "users are stupid" argument, but (particularly on Android) the app store does not protect users. Installing random apps or trusting the first app that shows up is a terrible thing to teach dumb users to do.

If you want to protect users to the point where they don't need to think at all, you need to be way more locked down than iOS/Android currently are -- you need Nintendo Switch levels of moderation, vetting, and sandboxing. The problem is that very few people (dumb users included) want that level of vetting for a smartphone.

In what sense will it be ok? Isn't a lot of the stuff in appstores spyware nowadays?

While there is generally always some small percentage of apps that don't do what they promise and slip through the review I think I can be reasonably sure that if I download something from the macOS / iOS app store it'll do what they say.

I trust it enough to believe it won't start crypto mining in the background or connect to random servers and sending the content of my computer somewhere. For the average user it's probably the better option than downloading the top Google result and just executing it.

Uh, what are you talking about? Phoning home with your data (mainly phonebook and location data) is exactly what a lot of apps are doing.

Sure, they wont do crypto mining, but that's because it would drain your battery quickly, and people would notice and uninstall.

As I said, it can happen but I'd assume it's done a lot less than on the "open" internet where there's no repercussions. At least in the App Store the developer would get thrown out, people would post it in the reviews or report to the App Store moderators.

Isn't the whole point of sandboxing and the permission systems exactly preventing phonebook and location data misuse? Especially location tracking prevention was a pretty big part of the iOS 13 announcements.

The permission system does work and is a great achievement. Along with battery monitor and the ability to easily and cleanly uninstall any app.

> I trust it enough to believe it won't start crypto mining in the background or connect to random servers and sending the content of my computer somewhere.

The current migration towards more sandboxing also helps. For instance, Android has restrictions on how much an application can do in the background without showing up as a persistent notification, and xdg-app's sandboxing can restrict how much of the content of your computer an application can access without using a file open dialog.

I don't understand why we keep falling back to uneducated users in this discussions. "Oh we're tech heads; we're not the standard audience..." ... maybe the standard audience should bother to learn something.

I live in a city now and no longer have my own tools/garage, but I know enough about my car to know the shop down the street was trying to screw me when they did a bait in switch, wanting to charge $950 for an alternator repair (and claimed my battery; less than a year old was bad). I called around, towed it to another shop and paid less than half of that...and the battery was perfectly fine.

I should have checked the reviews on the first shop because they were some pretty bad ones. Now I know better, but there are a ton of people who just accept it, maybe because they're car was already towed there and they simply don't know any better.

> I don't understand why we keep falling back to uneducated users in this discussions.

Because that is the majority of the users and because it's hard to find reliable information on the internet even if you're willing to do the research into this sort of thing. I'm certain there are plenty of things that you are probably not knowledgable about and don't put the time to learn about as well.

>Ugh, app stores! >No one needs them for discovering new software

I so badly wish I could agree with you :)

Sadly, observing the non-tech folks around me, some of which don't even know what an app is, and some of which think the only apps they'll ever use on their phone is the ones it came loaded with ... it's not true.

What is needed is an android app. store that is decentralized / distributed, where the "trust" of an app is a consensus-based score and that has the popularity of whatsapp.

I agree with this. What I'd ideally like is to keep the Play and Apple stores, but also make it possible and easy to use 3rd party stores - kind of how you can add alternative package repos in the Linux world. Unlikely to happen without legislation, mind.

> All I really want is an OS facility that only executes code that has been installed explicitly by me, and always in a sandbox.

Androids app sandbox is pretty leaky. It has a massive surface area, and the chances of finding exploits to get out of it to find root are high. Also, even from within the sandbox, there are lots of evil things you can do (for example, start on boot, and go fullscreen and use all the ram so the back and home button SystemUI process gets killed and your app is unkillable.).

The 'badness' of the android app model is a big chunk of the reason Google wants to be gatekeeper - otherwise android apps could just load and unload like webpages do. That and profit.

You say this, but rooting attempts for flagship Android phones have failed at many recent pwn2owns. The grey market price for a root exploit on flagship Android is comparable to iPhone.

The most popular third party rooting services don't seem to support past Android 8.

Clearly it isn't easy to root these things.

I wonder if part of that is that a lot of flagships seem to have unlockable boot loafers now, with a force wipe to do so. Does that have a measurable impact on the number of people trying?

It doesn't seem that way. There are still people attempting pwn2owns. The grey market value of a root exploit is still in six figures and likely higher on the black market.

Code Signing and HTTPS are two completely unrelated concepts...

Yes, but their point is: Why would you need code signing if https is working correctly when downloading software?

Because somebody might’ve changed the files on the distribution servers. We’ve been signing executables for decades?

As a matter of fact, APKs are signed anyway using the pubkey of their developers, the signature is embedded in the package, regardless of whether it's in the app store of not. You cannot use a package with a different signature to replace the existing one, the system will warn you about a conflict.

If someone has changed the files on the distribution servers. A Hacker News reader will have no problem recognizing it and stop installing, another one will compare the signature and keep it as evidence.

Of course, the overwhelmingly majority cannot recognize it though.

The product is built in a very controlled and secure environment at the core of a company's competency ... code-signing here stamps the product as authoritative and representing the company's efforts.

The website from which you, the customer, download the software often is built and managed under less controlled and more vulnerable circumstances, often with third party involvement. Any bad actor in a long chain of internal caretakers and potentially external hackers can replace the to-be-downloaded artifact HTTPS with malicious junk. Code-signing mitigates this.

Semi off-topic, but anyway, I have an supportive argument for you: APKs are signed anyway, the signature is embedded in the package, regardless of whether it's in the app store of not, it the signature has changed, you cannot use a new version to replace the previous version without manual reinstallation, it's an effectively safeguard against phishing.

But only the readers of Hacker News can recognize it. I think it's one of the most powerful argument for a walled garden. Not that I support it, but I acknowledge it's still a powerful argument.

For example, code signing can protect against an attacker that can swap the application, but not the signing certificate. It can allow retroactive disabling of a certain application by revoking the cert that signed it. In short: HTTPS ensures the integrity of the download at the time the app is downloaded, code signing at the time it runs.

Street Joe and Jane lack the technical skills to understand https://firefox.com/ from https://firefox,.com/, or what installing an app means.

"Isn't just clicking _next_ until the app starts?"

Hear Hear. I'll take that in a non-phone version too please.

SSL during download really isn’t a substitute for code signing.

But we have fdroid and the GNU/Linux ecosystem is going to eat android’s lunch anyway.

Apparently andOTP was removed for the same reason a couple of days ago: https://github.com/andOTP/andOTP/issues/396.

As mentioned in the announcement, you can switch over to F-Droid (for the time being) to get the latest version: https://f-droid.org/en/packages/com.wireguard.android.

>(for the time being)

Why do you have that caveat ? You can use f-droid forever.

I'm on an unrooted phone and F-Droid doesn't do auto-updates or even "update all". I have to remember to open F-Droid once in a while to click "Update" and then "Install" for each app, one-by-one.

I understand that it's probably Google's fault for not providing APIs/permissions but it's still terrible UX. I only use F-Droid when an app isn't available on the Play Store.

fdroid periodically automatically checks and notifies of updates to apps. You can also "Update all", using the button of the same name, but you will have to press install for each, due to the way Android works, which is a bit of a pity.

F-Droid isn't a "system app" so it can't even ask for permissions. If it was added as a system app in a custom ROM, then it'd be able to use the undocumented interfaces to install apps.

Because I prefer sticking to APKs signed by the author of the app. F-Droid APKs are signed with different keys, typically.

I agree with your sentiment in theory. Unfortunately, in practice, Google Play Store rips off my signature after I upload and sticks their own one on instead. Blah.

I thought that was opt-in still (https://support.google.com/googleplay/android-developer/answ...) unless you use app bundles, but that article makes it sound like you can bring your own key too. Do they still modify the signature in that case?

Huh, isn't that only the case for Android App Bundles?

Only if the app is enrolled to their resigning program, requires either initial agreement or signing key upload.

Typically but not necessarily. F-Droid can distribute apps with original signatures from developers if the app builds reproducibly. See: https://f-droid.org/en/docs/Reproducible_Builds/

I think he meant until the app is reinstated on the Play Store. I choose the F-Droid version whenever possible.

I wouldn't want the app from any other place than Fdroid!

Ah yes, the multi-billion dollar megacorp trying to prevent goodwill donations. Dear regulators: BREAK UP GOOGLE.

To play devil's advocate, I'm sure Google's intent is to prevent garbage apps from spamming or tricking users into paying money and the resulting PR backlash from having an app store full of shady apps.

As evidence of this, Google does allow donations if the publisher is a 501(c)(3) (see https://support.google.com/faqs/answer/75724?hl=en).

Nothing like opaque, zero due process take downs which change day-to-day unexpectedly until you wake and find your app is no longer in the Play Store.

There has to be a better way to handle these sorts of things.

Were they even notified beforehand?

A 501(c)(3) application costs at least $275 and takes 2-12 months to process. That seems all right if you're a SV SWE registering something on the side of your regular 6 figure income, but for a lot of folks around the world, that seems a largely no-go way to support their project.

If this is really an attempt at preventing garbage apps from spamming or tricking users, this is both overly broad (many false positives) and badly targeted (many false negatives). Why is it that iOS doesn't have this policy, and has significantly fewer garbage apps?

Maybe if Google were to allow third party app stores, folks could choose the one that fits their ability to evaluate the sophistication of apps themselves. For example, some folks might want to pay for extra security checks on the apps they use, while others want to install anything and everything under the sun.

So if I write a legit open source app and release it, and link to a donation page, that's wrong? I don't deserve some credit for my work?

Oh right, it's because Google wants me to have some kind of "pro" app that is effectively a license, that they can get their 30% cut of.

They don't give a damn about fraud via this method. They want their money.

You think a breakup will change anything?

Yes — if there were real competition between multiple app stores, some of which provided better systems of vetting than others (both for users and for developers), then the kinds of stores that had these policies would die off.

Then break-up is still not the solution. Microsoft didn't get split in the late 90's / early 2000's. Anti-trust case against Google / Apple seems far more appropriate and doesn't require new legislation.

All in all, that whole "break-up" argument is just political white-knighting by wanna-be elites (ie. Warren & co).

I don't follow this line of reasoning at all. By all accounts, Microsoft should have been broken up. They were convicted of abusing their monopoly position in a court of law. It was a travesty of justice that it was not carried out. Had this happened, the new companies would have been vastly more competitive, and the current state of computing might have been much better.

It's hazardous at best to assume the state of something with so much variables.

As for continuing being GAFA advocate (while still thinking they should be compelled to open up "Stores" to competition), vertical integration provides enough economy of scale to achieve ever greater complex things. Also, 1) you can't just "break-up" any GAFA. They're just gonna move out of State and be welcomed somewhere else, and 2) what you're asking put Government in a very awkward position as setting up both enough regulations to block new players, but also blocking player to achieve a certain size. Finally, this argument is getting awfully close to the "broken window" fallacy. You can't just "create competition" out of thin air.

You're right, you can't just create competition out of thin air. The competition already existed at that time. Part of the abuse of their monopoly position was to use the dominance of Windows to also capture other markets, including the Office market, Web browsers, etc. We would have had a far healthier ecosystem if the monopoly had been broken up. Look at where Lotus SmartSuite, Corel Office, StarOffice, and all the rest are today. They were not able to compete commercially in a market distorted by a monopolist, and today are shadows of their former selves.

Just because there was competition doesn't mean it was any good, nor that it was gonna last. Microsoft "decline" largely came from new technology they laughed at (smartphone and cloud computing) and to a large extend, missed on. Such an evolution is typical from the high inertia inherent to such a large structure. It forced them to evolve, for the better. Same will likely happen over time with Google/Apple, their structure will get more and more rigid, they will stop providing as much benefit to the user, competition will appear and their will be forced to open up. Apple is already starting to lose ground on the self-repair front, and both are more and more called out on the rigidity of their stores.

Amazon/Facebook is a different problem. Amazon is colliding with the old retail chain and weakening their power in DC (Amazon is not doing anything more that has been done in brick and mortar stores ~forever). As for Facebook, it is threatening Governments themselves (privacy is just just a convenient red-herring).

Or, they will all pre-emptively adopt stronger policies to avoid freeloading. OSS apps don't pay for bandwidth used in downloads, and Google is the one benefiting most from all the free apps on their platform. So if _they_ aren't comfortable with the situation, I can't see a breakup solving that.

Google will never care about the quality of an app store (for devs and for users) as much as a company with majority of revenue coming from folks using their app store. It's the fundamental problem with a monopoly business and breaking off the Google store from being the exclusive way to get apps on the Android platform will solve it because companies optimize profit.

How would breaking up google create multiple app stores? How would that actually work from a logistics perspective?

They're trying to prevent money laundering.

I don't see how this makes sense -- if someone wants to launder money, why would they need to find a donation link to their external donation system inside an android app?

I'm pretty sure they just want their cut.

Yup, I pretty much read it as this: "if you are operating an open source project then you should use ads for funding instead of donations or introduce paid features/upgrades so that we get a cut"

$50 sent, thanks Jason, no thanks Google.

A small amount relative to the value that you're giving to the world, but hopefully a few pints won't go amiss.

Fuck gatekeepers.

I too made a "fuck Google" donation to the WireGuard project today, after seeing an update and then the app disappearing entirely.

I'd love to use the F-Droid version but it's not up-to-date, and isn't published by Jason, so it's not signed by him either.

Publishing it on the website with a built in update-check might be one solution I'd be happy with, it'd only need a text file hosted on the website and a check, perhaps each time WG is activated to see if there is an update. Modern Android versions can be toggled to allow installing software from external sources, so the app could "install itself".

Though I am not using android app, I just made a $10 donation. WireGuard has been a great software for me on Desktops.


I am not sure why it needs to be called a donation. Just let the in-app purchase unlock some cosmetics in the app like games do. You weren't going to deduct the donation from your taxes anyway.

I am curious how this ends up working out. Google takes a cut of the donations now... but the process of buying is probably easier. So maybe it will increase donation revenue, and make it easier to support free software.

(Taking a step back; it is pretty weird to have apps opening links to web pages that take your credit card number. The app store operators are right to view that with suspicion because I'm sure that for every legitimate open source project, there are a million phishing scams.)

Open source developers shouldn't be forced to lock away additional functionality in their apps, or resort to special tricks just to be able to receive donations for their projects.

Google could make a positive impact by introducing new features that help users seamlessly fund their favourite open source apps, right from their Google accounts. GitHub has recently introduced a similar initiative called GitHub Sponsors [1].

> Taking a step back; it is pretty weird to have apps opening links to web pages that take your credit card number.

There is nothing weird about accepting payments outside of Google Play, and it is allowed if the payment does not result in buying a product that is used within the app. Buying a movie ticket, or operating an online store with a third-party payment processor are perfectly fine use cases which are allowed on Google Play.

[1] https://github.com/sponsors

>Open source developers shouldn't be forced to lock away additional functionality in their app

The additional feature can just be text that says thanks for the money, feel free to give us more money in the future.

Better yet, just charge a dollar for the app. Link from the primary website to the app store, so people can buy the right one.

No thanks. If I'm donating to a good cause, I don't want the App Mafia taking a 30% cut. That just reinforces this bad behavior.

It's sort of a convenience fee. I agree with your App Mafia take but my guess is folks that can't be troubled to use F-Droid probably weren't going to donate in the first place.

For instance, D-Sub is available for free on F-Droid but costs something like ~$4 on Google Play.

AndOTP is available on F-Droid, not sure about Wireguard but I'd assume so.

> For instance, D-Sub is available for free on F-Droid but costs something like ~$4 on Google Play.

This is great solution to sustain the app developmant and spread the word about F-Droid!

so the App Mafia is supposed to host your app for free? provide the bandwidth to download it for free ? give visibility to your app thru search in the store for free ?

at some point someone gonna pay for the datacenters, the wires and all these stuff needed for software distribution.

Try running your own site on your own servers and paying for the data traffic and then do the math.

30% is ok

Ok, let's do the math:

Say app has 10MiB, 100,000 downloads is ~1TiB, 1 have a 1GiB/20GiB VPS with that monthly bandwidth which I pay $1/month.

So distributing 100,000 copies costs $1.

I'll give Google $1 for distribution of 100000 copies of my app. Fair?

Yeah, I'll give Google a bit more for payment processing, perhaps. But actual distribution costs nothing really, for most apps.

Remember that creating a Google Play account already costs $20, so for the most people the distribution costs are far more than covered.

you completely ignore the #1 cost: human cost to setup your vps, manage it, backups and whatnot etc. you gotta take all costs into account.

not every developer is willing to learn and spend time configuring & managing a server. that's not the same skill set.

Human cost is not really very well measurable.

First we're talking about the free app for a good cause, so you're already providing an app for free, so you've assumed some sacrifice for others for whatever reason, and setting up a website for it may be comparatively negligible part of the whole cost to you in terms of time.

In my case I would have already had an infrastructure and knowledge how to host things, so it might take a few minutes to put some new files up on a machine used for other projects. Additional costs being pretty much 0.

And there may be benefits (even if I didn't have the knowledge and infra) like learning something new, or now having an infrastructure and knowledge that helps you save expenses or time in the future. So that would offset the costs. You can't just look at costs alone.

Google also does the work of keeping fake versions of your app out of the store.

I remember that being a problem in the app store for windows phones. Lots of fake apps that used the VLC name and logo, for example.

Android is worth sh*t without any apps. I consider providing a market for apps and managing the quality of the market is their responsibility, business expense not developers.

If they don't like free apps, then they should stop hosting free apps if they want that 30% tax so much.

Google should be thankful in the first place that developers are making apps on their ecosystem (doubly so for open source apps), because without them, Android and the Google Play Store itself isn't worth much. It's their part of the deal to stay relevant.

Is that still technically open source compatible?

Edit: I'm referring to https://opensource.org/osd

Edit2: Having read round some more, it seems you possibly could sell a different version, of course you would have to offer the source code which others would be free to give away, (this is for the gpl). I don't know if the discrimination clause of the Open Source Definition would come into play though.

>> Just let the in-app purchase unlock some cosmetics in the app like games do.

> Open source developers shouldn't be forced to lock away additional functionality in their apps

I don't think functionality was what was suggested. Literally cosmetics. A nice banner that says thanks for supporting the project would likely be sufficient.

Edit: Although I agree it shouldn't be required. As a workaround it doesn't seem too bad though.

> …are allowed on Google Play.

Until some morning when suddenly, they're not!

Completely agree. I do not want to restrict any users.

Annoying how hard it is to be independent of FAANG control.

Would it be acceptable to Google if the only perk of buying an IAP was a little icon on the screen saying "contributor" or something?

Do they ban all donation verbiage or just IAPs that do nothing?

it's not the verbiage it's the 30% cut that google is missing when using a donation link

Oh, I see, thanks

I don’t know much about Android, but is the Play store necessary? If it isn’t, then isn’t that independence from FAANG control?

That's like telling a convenience store owner that they're "independent" of Visa and Mastercard. Yeah sure, good luck with that.

It isn't [1] but an average Joe doesn't know about alternatives and what's worse doesn't care about them because he's not affected by Google's foul play (or at least he thinks he isn't).

1: https://f-droid.org/

While I see what you are saying, it doesn't need to be "locked away functionality". You could like "sell" badges. $10 """buys""" a bronze badge, $30 a silver etc, whose only functionality is to be listed in some irrelevant "thanks for your support" view.

> "Just let the in-app purchase unlock some cosmetics in the app like games do."

Doesn't Google take a whopping 30% cut of the purchase price for both in-app purchases or direct purchase of the app itself? That's a pretty big bite out of the donation.

> You weren't going to deduct the donation from your taxes anyway.

Unless I’m mistaken, this is only possible if you’re donating to a registered charity. Many view open source as more noble, but OSS developers don’t magically get a different rule book :)

(I don’t disagree with your perspective here, but the prevailing sentiment in this thread seems to be that OSS developers should get a different rule book.)

And also, if you receive goods or services in exchange for your donation, you need to discount your deduction by the fair market value of those goods and services.

This is not tax advice; consult a tax professional for your own personal situation.

Asking consideration from a platform based heavily on OSS isn't unreasonable. Especially considering Google would benefit from the improvements those donations could spur.

Considering they have absolutely no problem putting restrictions, designed to give their closed solutions an advantage, into that same OSS base, I'd say expecting them to make such an exception for developers that (often quite explicitly) compete with their products would be highly unreasonable.

> Just let the in-app purchase unlock some cosmetics in the app like games do.

I contribute to projects that are committed to never locking away features behind licenses or in-app purchases, because most open-source projects in that space eventually went down that route.

You might not have to actually lock anything away. It might be acceptable to "unlock" a theme that you could otherwise just install in some other way, or there might be some other workaround.

Like another poster said, unlock a text box, in the settings, or about page, or wherever, saying: "Thank you for your support!"

An easy way to let people know how to donate without links is just use plaintext on a page.

At the bottom of an “About” page:

Paypal: email-adress

Venmo: open-source-proj-maker

BTC/ETH: <address>

If someone is not a 501(c)3 org and just a solo person, why do donations have to go through a particular website link?

It seems like the same thing (getting money) can be accomplished without needing to use links from an app.

>I am not sure why it needs to be called a donation. Just let the in-app purchase unlock some cosmetics in the app like games do. You weren't going to deduct the donation from your taxes anyway.

My immediate thought at reading the title "So sell a supporter animation that plays in an about menu".

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact