LineageOS Rejects Google’s New Sideloading Rules, Vows to Keep Android Open
Google’s new app developer verification system is set to reshape Android. LineageOS, one of the most popular custom ROMs, says it won’t enforce it.
Google's plan to make app developers verify their identity before their apps can run on "certified" Android phones is shaping up to be one of the biggest changes to the Android ecosystem in years. And LineageOS, one of the most popular custom Android builds, is making clear it wants no part of enforcing it.
What Google Is Doing
Starting this September, Google's new rule called Android Developer Verification will require every app developer to register a verified identity with Google before their app can be installed on a certified Android device. This applies no matter how the app gets onto the phone, whether it comes from the Play Store, a third-party app store, or a direct sideloaded APK file. The rollout starts region by region this year and is expected to go worldwide by 2027.
The rule only kicks in on devices that come loaded with Google's own apps and services, known as Google Mobile Services or GMS. So if a phone runs the standard Google-approved version of Android, package installations will be checked against a system called "AndroidDeveloperVerification," which confirms the developer behind an app is registered and identity-verified. Google is offering an "advanced" workaround for tech-savvy users who want to install apps from unverified developers, but it comes with a warning screen and a mandatory 24-hour wait.
Why Google Says It's Doing This
Google's official line is that this is about stopping fraud and malware. The company claims sideloaded and internet-sourced apps carry more than 50 times the malware risk of apps downloaded from the Play Store, and argues that anonymous, throwaway developer accounts let scammers get caught, then simply rebrand and push out the same malicious app again within hours. Google has also pointed to rules like the EU's Digital Services Act and India's IT regulations, which are already nudging platforms toward requiring more transparency about who's behind an app. The company notes that it's rolling the policy out first in countries with heavy fraud problems - Brazil, Indonesia, Singapore and Thailand - as proof this is genuinely about stopping scams rather than tightening control.
Where LineageOS Stands
LineageOS says the new rule technically doesn't touch it because LineageOS has never shipped Google's app suite and isn't part of Google's certification program in the first place, meaning it has no obligation to install or activate the verification system at all. Even so, the project has used the moment to restate its long-held position: it will not build in workarounds to defeat checks that app developers rely on, since doing so could invite Google to crack down harder on all custom Android builds, not just LineageOS.
That said, LineageOS flagged one gap worth watching which is if someone sideloads a third-party Google Apps package onto their device, that package could theoretically include the verification system bundled in, though the project says it isn't aware of any reason a Google Apps package would choose to do that, since it would end up restricting its own users too.
The Bigger Backlash
LineageOS isn't alone in raising concerns. Alternative app store F-Droid has called the policy an "existential threat" to independent app distribution, since its whole model relies on transparency without forcing individual developers to hand over personal identification. Digital rights group the Electronic Frontier Foundation has warned this could hurt specific groups the hardest among them VPN developers working in countries where privacy tools draw unwanted legal attention, journalists and activists building tools to document abuses, and researchers who publish under pseudonyms for safety reasons and can't risk attaching government ID to their work.
A coalition calling itself "Keep Android Open" has also sprung up, pushing a petition and lobbying regulators in the US and EU to intervene before the rule takes full effect.
For everyday LineageOS users, not much changes immediately - the OS was already built to run without Google's services, so this specific rule doesn't reach it directly. But the controversy highlights a bigger tension bubbling underneath Android: as Google tightens control over what can be installed and how, it's pushing privacy-focused and open-source communities further to the edges of what counts as "official" Android even as Google frames the whole thing as a matter of user safety, not control.
Published By : Priya Pathak
Published On: 6 July 2026 at 11:03 IST