Over the last year, Google has been instituting sweeping changes when it comes to app permissions to help protect user privacy. It imposed new restrictions when it came to SMS and phone permissions, and plenty of app makers found themselves caught in the Google support machine. Now developers found in violation of recent Gmail API changes are left out in the lurch, and the list of affected apps includes SMS Backup+, Nine, and even SwiftKey.
The issue has to do with those "Project Strobe" changes announced last year. As part of Project Strobe, Google decided that users only had specific use cases in mind when it came to granting services or apps permission to access Gmail. As a result of that assumption, it decided that "only apps directly enhancing email functionality—such as email clients, email backup services and productivity services (e.g., CRM and mail merge services)—will be authorized to access this data."
The only permitted uses for Gmail APIs, according to Google.
Four total types of permitted applications were decided, and like all the new categories which Google imposed permission changes on, they were incredibly restrictive, failing to take into account several valid and popular uses. Users of SwiftKey, for example, can opt-in to more extensive keyboard customization by having it profile your writing in Gmail, and SMS Backup+ archives messages into a convenient conversation view, storing them as threads for access on any device from a hidden label in Gmail. (For the record, SMS Backup+ is Android Police's favorite method for backing up SMS, providing unique functionality and convenience together with auditable open source security.) But cases like these, unfortunately, don't fit into Google's newly-narrowed vision of Gmail.
Users of affected apps have received messages from Google over the last few days, explaining that "if these apps are unable to meet the deadline to comply with our updated data policy requirements, they'll lose access to your Account starting July 15th, 2019." Appeals for exemptions from at least some of the impacted developers have fallen on deaf ears. SMS Backup+ developer Jan Berkel replied to a thread of concerned users on his open source project's Github with the following:
"Hello everyone. I'm sorry about this situation, SMS Backup+ will no longer have access to Gmail, mainly because it's not an email reading app.
I applied for an exception but it was declined, as expected. Vanilla IMAP might work, but for how long I wonder. And it's very tricky to set up for a casual user. Unfortunately the Android platform is getting more and more closed.
I'm not sure what to do at this point, either remove the app from the store or release a new version which removes the automatic account setup, since that is broken / will be broken soon."
Some applications, like SMS Backup+, may ultimately find workarounds which allow functionality to remain intact (even if it makes things unnecessarily harder on users), but many others may have no such luck. Nine would seem to fit the explicitly described use cases permitted by Google, but users are reporting receiving the same message. Users of Kiwi for Gmail also received a notification, but the developers assure us that those communications relate to an older version of the service, and current users need not be concerned. Even if Google is explicitly hoping to clamp down on SwiftKey-style uses for the potential privacy implications, it would seem the new rules still aren't being applied evenly, and other valid exceptions of genuine user benefit should exist.
We reached out to SMS Backup+ developer Jan Berkel for more information about his particular case, but had yet to hear back at the time of writing.
Although Google has proclaimed it would provide a better support experience for independent developers, and some like Kiwi Browser have genuinely seen increased communication from the company, the persistence of issues like these would seem to indicate it still hasn't done quite enough on the subject. It's unlikely, but I hope that Google considers expanding Gmail's potential uses to include more applications, ideally paired with a further moratorium on the upcoming changes to ease user's concerns. If not, affected apps may see functionality that harnesses the affected Gmail APIs break come July 15th.
A representative speaking on behalf of Kiwi for Gmail explained that the notification some users have received relates to an older version of the app, and the contemporary service will be unaffected by these changes. The title and details of this story have been updated to include that information.
- Ravi Jani