An open letter to Google

Dear Mr. Pichai,

We, the undersigned, agree with you: privacy cannot be a luxury offered only to those people who can afford it.

And yet, Android Partners – who use the Android trademark and branding – are manufacturing devices that contain pre-installed apps that cannot be deleted (often known as "bloatware"), which can leave users vulnerable to their data being collected, shared and exposed without their knowledge or consent.

These phones carry the "Google Play Protect" branding, but research shows that 91% of pre-installed apps do not appear in Google Play – Google’s app store.

These pre-installed apps can have privileged custom permissions that let them operate outside the Android security model. This means permissions can be defined by the app – including access to the microphone, camera and location – without triggering the standard Android security prompts. Users are therefore completely in the dark about these serious intrusions.

We are concerned that this leaves users vulnerable to the exploitative business practices of cheap smartphone manufacturers around the world.

The changes we believe are needed most urgently are as follows:

• Individuals should be able to permanently uninstall the apps on their phones. This should include any related background services that continue to run even if the apps are disabled.

• Pre-installed apps should adhere to the same scrutiny as Play Store apps, especially in relation to custom permissions.

• Pre-installed apps should have some update mechanism, preferably through Google Play and without a user account. Google should refuse to certify a device on privacy grounds, where manufacturers or vendors have attempted to exploit users in this way.

We, the undersigned, believe these fair and reasonable changes would make a huge difference to millions of people around the world who should not have to trade their privacy and security for access to a smartphone.

We urge you to use your position as an influential agent in the ecosystem to protect people and stop manufacturers from exploiting them in a race to the bottom on the pricing of smartphones.

Yours sincerely,

Afghanistan Journalists Center (AFJC)

American Civil Liberties Union (ACLU)

Americans for Democracy and Human Rights in Bahrain (ADHRB)

Amnesty International

Asociación por los Derechos Civiles (ADC)

Association for Progressive Communications (APC)

Association for Technology and Internet (ApTI)

Association of Caribbean Media Workers

Australian Privacy Foundation

Center for Digital Democracy

Centre for Intellectual Property and Information Technology Law (CIPIT)

Citizen D

Civil Liberties Union for Europe

Coding Rights

Consumer Association the Quality of Life-EKPIZO

Datos Protegidos

Digital Rights Foundation (DRF)

Douwe Korff, Emeritus Professor of International Law, London Metropolitan University and Associate of the Oxford Martin School, University of Oxford

DuckDuckGo

Electronic Frontier Foundation (EFF)

Forbrukerrådet / Norwegian Consumer Council

Foundation for Media Alternatives (FMA)

Free Media Movement (FMM)

Freedom Forum

Fundación Karisma

Gulf Centre for Human Rights (GCHR)

Hiperderecho

Homo Digitalis

IJC Moldova

Initiative for Freedom of Expression-Turkey (IFox)

Irish Council for Civil Liberties

Media Foundation for West Africa

Media Institute of Southern Africa (MISA)

Media Policy and Democracy Project (University of Johannesburg)

Media Policy Institute (MPI)

Media Watch

Metamorphosis Foundation for Internet and Society

Open Rights Group (ORG)

Palestinian Center For Development & Media Freedoms (MADA)

Panoptykon

Paradigm Initiative

PEN Canada

Philippine Alliance of Human Rights Advocates (PAHRA)

Privacy International

Public Citizen

Red en Defensa de los Derechos Digitales (R3D)

Syrian Center for Media and Freedom of Expression (SCM)

TEDIC

The Danish Consumer Council

The Institute for Policy Research and Advocacy (ELSAM)

The Tor Project

Unwanted Witness

Vigilance for Democracy and the Civic State