Starting in 2020, we at Pushbullet began receiving more and more Play Store policy violation notifications from Google. At first the violation notifications seemed plausible, if a bit abrasive. At this point though, I’m pretty sure we’re being picked on by an AI. We’ll see what you think after you hear our story.
Let’s get some basics out of the way
To start off, it is very reasonable for you to think we must be doing some pretty horrible things if we are receiving so many policy violation notifications from Google. To address this, I’m going to show you that we are not only not doing horrible things, we are often not doing anything at all.
Next, I want to establish some quick facts about Pushbullet. 1) our app has zero advertising in it, 2) we do not share any data with third parties and 3) we have end-to-end encryption available for users using our optional features that are more sensitive. This is basically the dream for users of a (mostly) free service.
With that out of the way, let’s dive in to just how we’ve become such experts on Play Store policy violation notifications and how we’re still on the Play Store today.
What is a Play Store policy violation notification?
A Play Store policy violation notification is an email that informs you that your app is going to be removed from the Play Store in 7 days unless you can address the policy violation. Here is what they look like:
Unless you already have those things, as we did. If that is the case, then the guessing game begins. Here is where we can share our experience and wisdom from years of guessing that Google wants.
So, how do you survive for years while receiving all sorts of policy violations from Google?
To answer this question, I’m going to analyze each of the violation notifications we’ve received the past couple of years and share how we addressed them.
June 9, 2020, the beginning
The first thing to know is that this notification was received out of the blue, not as part of a review to publish an update. I just woke up one day to this notification.
We submitted the update, it was approved, and we assumed we had resolved this issue.
(We were very wrong)
July 7, 2021, around 1 year later
I attempted to publish a small update to our app and received this violation notice in response:
July 21, 2021, three weeks later
Again, when attempting to publish a small update I received this:
I submitted another update with this change and it was approved. Finally cracked the code and got this fixed forever!
February 12, 2022, six months later
Out of the blue I once again woke up to a policy violation notification from Google. No recent app updates or anything like that. Upon reading the policy issue it hit me: this may never end.
I am clearly not making Google happy. I really really need to make Google happy. Let’s try another idea for how to make Google happy.
Surely, surely this must be good enough? So I submitted another update with these changes, and praise be it was approved. I must be good at this guessing game!
(You can laugh at me)
May 15, 2022, three months later
In my head I’m composing epic rants about denial-of-service attacks against humans due to the asymmetric effort of responding to a violation notification versus issuing them. But nobody has time to write that. Instead I get back to guessing what Google wants from me.
Approved! I don’t like this world very much.
October 2, 2022, 4 months later
Oh my god.
I thought that since our SMS sync feature can only be enabled in-app, the focused in-app policy would be great since it focuses on just that specific feature.
This was a horrible horrible terrible idea and I should feel bad for having it.
(Weary beyond words)
October 26, 2022, three weeks later (yesterday)
At least this one is a little different? I think all I need to do is add a few words explaining that when you select a Google account to sign in to our app, that email address is sent to our servers. Should be easy but, in all sincerity, does this seem like a reasonable chain of events to you?
What you and I are up against
Google has always loved automated enforcement. They’ve been doing it since the dawn of time. There is no point in complaining. Instead, let’s try to understand how what is happening and what we can do to survive.
To enforce Google’s extensive set of policies automatically, Google’s tool of choice is to employ machine learning / AI.
AI is an amazing tool for Google. They can train a model to identify apps that appear to not be in compliance with a policy and then check every single app in the Play Store constantly.
For us as app developers, this has two issues. First, there will be false positives. It is possible we really don’t have any violation. Second, as more and more policies have their enforcement automated, not only does the chance of receiving a false positive violation notification go up, but also trivial policy “violations” suddenly become enforced with an iron fist.
The mental model to embrace to maintain your sanity
We believe the first thing you should do is internalize that policy enforcement at Google is entirely mechanized.
Your app did not receive a deliberate analysis by a human leading to the violation notification. There is no one to debate. There is no opinion at all. Your app simply didn’t look enough like the AI’s training data.
This means that when you receive a violation notification and your first thought is to try to speak with someone, you are already thinking about things the wrong way.
The correct response to a policy violation notification
Now that you know you’re up against an automated policy enforcement AI, your goal is to look as much as possible like the training data. Unfortunately, this can be easier said than done since we do not have access to the training data.
All is not lost, however. You have actionable info in the simple fact that what your app looks like now is not acceptable. Identify a set of changes you think may be viable solutions, then simply change even more things that would generally appear to bring you even further into compliance. The more things you change, the more likely one of them is going to get you the green light.
You’re only in compliance for now
A mistake I made repeatedly is thinking once my update was approved, we were good until I updated again. This will never be the case.
New policy enforcement AIs are being trained all the time and existing ones are being tweaked. I think there’s little to do but accept that fending off policy enforcement AIs is going to be a cost of doing business for apps on the Play Store.
Action Required: Your app is not compliant with Google Play Policies
I know we’ll be receiving more of these emails in the future. In the end, as long as our updates get approved, the notices can be thought of as something like a modern nuisance.
On the other hand, if our updates stop getting approved, our inability to guess what Google needs us to do will result the removal of our app from the Play Store and the death of our company which will be a bit of a bummer.
For now we plan to make continue making changes to our app and submitting updates. Ideally our changes will continue being found acceptable and we can put this and future notices behind us.