The Play Store may be packed with content, but there are some pretty strict rules in place when it comes to the things apps distributed by Google can do, and once in a while those rules are refreshed or tweaked. Starting this month, Google has refined its Developer Program Policies to include limits to call log and SMS permission access, explicit prohibitions against surveillance and "commercial spyware apps," and new Android Contacts API restrictions.
The biggest developer-facing change is likely to be the SMS and call log API access restrictions, paired with the planned death of portions of the Contacts Provider API, which goes into effect this coming January 7th. In short, some Call Log and SMS data can only be accessed by apps set as "default" for those actions — though there are exceptions like backup or voicemail apps. For more information about how things will change, be sure to check out the relevant section of the developer documentation, as well as the overall policy changes for User Data and Permissions.
Google's Malicious Behavior policy now explicitly includes prohibitions against surveillance and commercial spyware, and the Enforcement section now has better explanations for the extent of Google's policy coverage and actions that may be taken against policy violators. Google is also clarifying to prevent developers from misrepresenting target age group requirements of child or family-focused apps.
For the full details, I encourage developers to review Google's notes for October's policy updates, especially if app-making is your bread and butter.