As of March 2026, the European Commission has invited input on the Google Android Developer Verification requirements to monitor Google’s compliance with the Digital Markets Act (DMA). With the first official review of the DMA due by 3 May 2026, the Commission has launched a public consultation, a “Call for Evidence,” to evaluate how this requirement impacts fair and contestable digital markets.

In response, the European Pirate Party has submitted a formal contribution to the Commission’s review, raising concerns about the implications of Google’s new requirements. The Party has also joined 37 organisations in signing an open letter, published by the F-Droid team in February 2026, calling on Google to reconsider an initiative that risks turning Android into a centrally controlled ecosystem rather than an open platform for all developers.

An Overview of the new regulation/requirement:

The Android developer verification requirement is a new mandate rolled out by Google that requires app developers, including those distributing apps outside the Google Play Store, to verify their identities to remain installable on Android devices.

Google has justified this move as a security measure, comparing it to identity checks in high-risk environments. The aim, according to the company, is to prevent bad actors from anonymously distributing malware or scams.

Core Requirements:

• Identity Verification:
  
  • Individuals: Must provide a legal name, address, email, phone number, and a government-issued photo ID (passport or driver’s license).
  • Organizations: Must provide their legal business name, physical address, and a D-U-N-S number.

  
  

• App Registration: Developers must register their app’s “package name” (e.g., com.example.app) and use their signing keys to prove they are the rightful owners of the software.
• Cost: A one-time $25 registration fee for a Google Play Console account is required for verification. There are no additional or recurring fees involved.

Key Timelines:

• March 2026 – Verification portals open globally for developers.
• September 2026 – The regulation will be enforced in Brazil, Indonesia, Singapore, and Thailand. Unverified apps will be blocked from installation.
• 2027 and beyond – The regulation will be rolled out globally.

What do critics say?

A coalition of more than 37 civil society groups, digital rights activists, and technology companies has launched the “Keep Android Open” campaign. F-Droid, the Electronic Frontier Foundation (EFF), the Free Software Foundation Europe (FSFE), Article 19, Fastmail, Vivaldi, etc., are among the participants, along with the European Pirate Party.

The central concern raised by these organisations is that mandatory verification risks turning Android into a controlled ecosystem.

Key Concerns:

• Destruction of “True” Sideloading: Critics argue that requiring registration for apps distributed outside the Play Store undermines true independent sideloading. While Google maintains that sideloading remains possible, opponents say it will be subject to friction and warnings that discourage users.
• Privacy and Surveillance Risks: Mandatory registration requires developers to provide Google with legal names, home addresses, and government-issued IDs. Critics argue this creates a global database of all Android developers, even those who intentionally avoid Google’s ecosystem for privacy reasons.
• Barrier to Entry for Open Source (FOSS): Many free and open-source projects rely on anonymous volunteer contributors who may be unwilling or unable to provide government IDs or pay the $25 registration fee. F-Droid has explicitly stated that this requirement could be “existential” for its project.
• Anti-Competitive “Gatekeeping”: Opponents contend that Google is using security as a pretext to maintain its monopoly. By requiring verification, Google can collect business intelligence on all Android development activity, even apps that compete directly with Google’s own services.
• Arbitrary Enforcement and “Account Kill-Switch”: There are fears that Google could use this system to arbitrarily block developers or revoke their “verified” status without a clear appeals process, effectively turning off their apps across all devices.
• Economic Impact on Emerging Markets: While $25 may be minor in some regions, critics note that it is a significant barrier for students and hobbyists in developing countries.

European Pirate Party’s Perspective:

As an advocate of digital rights, internet freedom, and online privacy, the European Pirate Party’s motivation to respond to the Commission’s call and join the “Keep Android Open” campaign stems from a unique perspective. The experts view the issue as an intersection of three points:

1. Free software and the open ecosystem
2. Civil liberties and the right to privacy
3. Competition law under the Digital Markets Act

Each dimension reinforces each other and calls for regulatory intervention.

Building on these concerns, the Party’s submission to the European Commission outlines how the verification requirement risks undermining the principles the DMA is designed to protect. It calls for proportionate and transparent measures that ensure security without restricting innovation, limiting anonymity, or distorting competition.

For the complete analysis and supporting recommendations, please refer to the attached document:

EPP Google Android Developer Verification policy paperDownload

​

europeanpirates.eu/european-pi…