Google Is Closing Android: And Taking Your Freedom With It
Android was supposed to be different. Unlike Apple’s tightly controlled iPhone ecosystem, Android promised openness: a platform where anyone could write software, distribute it freely, and run it on any compatible device, no gatekeeper required. Billions of people chose Android partly on that premise. That premise is now being quietly retired.
Starting September 2026, Google will require every Android developer to register centrally with Google before their apps can run on certified Android devices, regardless of whether those apps ever touch the Play Store. The Keep Android Open coalition, backed by more than 37 organisations including the Electronic Frontier Foundation, F-Droid, and the Free Software Foundation, is calling this what it is: the end of Android as an open platform.
What Google Is Actually Requiring
The new Android Developer Verification program, announced in August 2025, demands the following from any developer who wants their app to run on certified Android hardware:
- Payment of fees to Google
- Submission of government-issued identification
- Acceptance of Google’s Terms and Conditions
- Handing over their private app-signing key, the cryptographic credential that proves an app’s authenticity
- A full list of all current and future application identifiers
This is not a developer account sign-up. This is comprehensive surveillance of the software development ecosystem, handed to a single private corporation. The rollout has already begun: from March 2026, verification is mandatory for certified Android device installs. Active enforcement starts in Brazil, Indonesia, Singapore, and Thailand in September 2026, with a worldwide rollout planned for 2027.
Google’s justification? Security. The company claims sideloaded apps are more than 50 times more likely to contain malware than apps distributed through Google Play. What they neglect to mention is that Google Play itself has repeatedly been caught hosting malware, sometimes for months at a time.
The Death of Sideloading
For most people, “sideloading” sounds like a fringe concern for tech enthusiasts. But it is the backbone of Android’s alternative ecosystem.
F-Droid, the open-source app repository, distributes thousands of privacy-respecting, community-built applications entirely outside of Google’s infrastructure. Apps like NewPipe, Signal forks, open-source maps, and tools that Google has no commercial interest in hosting. F-Droid’s board member Marc Prud’hommeaux estimates that 90–95% of Android developers oppose the new verification policy.
Under the new rules, F-Droid cannot function as it does today. Because it has no user accounts, it cannot even estimate how many people it would be unable to serve. Apps would stop receiving updates. New apps would be blocked entirely. The rich, independent software ecosystem that has made Android genuinely different from iOS would simply cease to exist.
Custom operating systems like GrapheneOS and CalyxOS, which strip out Google tracking and give users actual control over their phones, face an existential threat. So do thousands of independent developers in emerging markets where Google’s payment infrastructure doesn’t work, where people rely on directly shared APK files because the Play Store is not a viable channel.
“This hands exclusive control to a single gatekeeper, threatening to dismantle the open ecosystem that has long depended on transparency and reproducible builds.” – F-Droid, in their official response
AOSP Is Being Quietly Hollowed Out
The developer verification program is the most visible attack on Android’s openness, but it is not the only one. In parallel, Google has been reducing Android Open Source Project releases from quarterly to just twice a year, starting in 2026.
This matters because AOSP is the technical foundation that independent developers, custom ROM communities, and device manufacturers build on. When AOSP releases slow down, security patches take longer to reach community distributions. LineageOS and GrapheneOS, which extend Android’s life on older devices and provide genuine privacy controls, face longer gaps between updates. Devices that would otherwise receive community support for years become vulnerable faster.
OSNews characterises this as another step in a longer process: Google has systematically moved core Android functionality out of AOSP and into proprietary Google Play Services over many years. Device-specific source code for Pixel phones is no longer released. Security patches are increasingly delayed. The open-source shell that remains is, in the words of one analyst, “simply unusable for 99% of smartphone users” without Google’s proprietary additions.
Google’s statement that “AOSP is not going away” is technically accurate. But a platform stripped of functionality, updated twice a year, and blocked from running unregistered software is not an open platform in any meaningful sense.
A Sovereignty Problem, Not Just a Developer Problem
This is not only a story about developers losing technical freedoms. It is a story about digital sovereignty: about who controls the devices that billions of people carry in their pockets.
When a government-backed app is distributed outside the Play Store, as happens in many countries with public health tools, voter information apps, or secure communications, it will now require Google’s approval to function. Authoritarian governments already lean on Google to remove apps from regional Play Store listings. Under the new system, the chokehold extends to all app distribution. Google has documented compliance patterns with state censorship demands. Handing them mandatory registration authority over all Android software distribution makes this problem structurally permanent.
For European users and policymakers, the implications are significant. The EU’s Digital Markets Act was designed precisely to prevent platform gatekeepers from closing off ecosystems. Whether regulators will act quickly enough remains to be seen. But the trajectory is clear: one US corporation is placing itself between every Android developer and every Android user on earth.
What This Means for Your Privacy
You might ask: what does Android’s openness have to do with privacy? The answer is everything.
The apps that protect your privacy, open-source messengers, VPN clients, tracker blockers, alternative browsers, overwhelmingly live outside the Play Store, or depend on a distribution chain that Google’s new rules will sever. Many of them cannot be commercialised in a way that would make Google-mandated registration viable. They exist because the platform was open.
The same logic applies to your photos and videos. Google Photos is deeply embedded in the Android ecosystem precisely because Android’s openness was always conditional: open enough for competitors to build on, but with Google’s services pre-installed, preferred, and now, through mechanisms like this, increasingly mandatory. Every photo you store in Google Photos becomes a data point in a surveillance infrastructure that Google is now working to make inescapable.
An Alternative Built on Different Values
At PixelUnion, we believe the trajectory described above is exactly why you should not trust your most personal data to any platform where a single corporation holds all the keys. Your memories, your photos and videos, deserve to live somewhere that is structurally incapable of being turned against you by a terms-of-service change or a government registration mandate.
PixelUnion is a European-managed photo and video storage service, built on the open-source Immich platform, running on servers in Europe, under European data protection law. We have no financial incentive to mine your data, no advertising model to feed, and no US parent company to comply with CLOUD Act requests.
The Android story is a warning: when you depend on a platform built by a company whose interests diverge from yours, you eventually lose. The solution is not a different Big Tech provider, it is infrastructure built on fundamentally different principles.