Back in 2008 it was reported that Google had a “remote kill switch” built in to the Android OS.

“Google may discover a product that violates the developer distribution agreement <...> in such an instance, Google retains the right to remotely remove those applications from your device at its sole discretion.”

We’ve never seen exactly what that means, until recently.

In a blog post by Rich Cannings, Android Security Lead, the decision to forcefully remove two apps from phone was explained:

“Every now and then, we remove applications from Android Market due to violations of our Android Market Developer Distribution Agreement or Content Policy. In cases where users may have installed a malicious application that poses a threat, we’ve also developed technologies and processes to remotely remove an installed application from devices. If an application is removed in this way, users will receive a notification on their phone.

“Recently, we became aware of two free applications built by a security researcher for research purposes. These applications intentionally misrepresented their purpose in order to encourage user downloads, but they were not designed to be used maliciously, and did not have permission to access private data — or system resources beyond permission.INTERNET. As the applications were practically useless, most users uninstalled the applications shortly after downloading them.

“After the researcher voluntarily removed these applications from Android Market, we decided, per the Android Market Terms of Service, to exercise our remote application removal feature on the remaining installed copies to complete the cleanup.”

As we’ve recently seen with Apple, Developer Agreements can be broadly interpreted — too broadly. While I agree with the intent of forced removals, I disagree with the concept of removing the user’s choice.

Android, I hoped, would be better than this. Rather than forcefully installing any app (even a malicious one), removals should be the choice of the user, not some faceless committee.

Instead of simply removing an app and notifying the user that it’s been removed, I would have liked to see a notification with an opt-out (default it to “remove”, but get the user the option not to). Doing so would have appropriately notified users of the threat, informed them what the recommended action was, and given them the opportunity to make their own decision. Android is, after all, about freedom and choice.

What do you think?

Is Google’s approach okay? Do you trust Google to remove only legitimately “dangerous” apps? Are political cartoons “dangerous”? Do you think Google should have put the uninstall option in the hands of the end-user, rather than forcing the removals? Let me know in the comments!