Unwanted Software Policy
At Google, we believe that if we focus on the user, all else will follow. In our Software Principles, we provide general recommendations for software that delivers a great user experience. The policy below expands upon those general recommendations by providing a list of basic criteria for user-friendly software on the web. Software that violates these principles is potentially harmful to the user experience, and we will take steps to protect users from it.
We’ve found that most unwanted software displays one or more of the same basic characteristics:
- It is deceptive, promising a value proposition that it does not meet.
- It tries to trick users into installing it or it piggybacks on the installation of another program.
- It doesn’t tell the user about all of its principal and significant functions.
- It affects the user’s system in unexpected ways.
- It is difficult to remove.
- It collects or transmits private information without the user’s knowledge.
- It is bundled with other software and its presence is not disclosed.
In contrast, we believe that software that meets the basic criteria below upholds the spirit of our Software Principles and provides a good user experience. We’ll continue to refine the policy as we see new use cases, and we welcome your feedback and suggestions in our help forum.
Transparent Installation and Upfront Disclosure
The software installation process should be straightforward, easy-to-understand and based on clear choices made by the user. It should present a clear value proposition to the user.
- Programs should have a valid and verified code signature issued by a code-signing authority that presents verifiable publisher information.
- Download of the software should only begin when the user has consented to the download by clicking on a clearly-labelled download button.
- At the time of installation, all principal and significant functions of the software should be described in clear and straightforward language that is clearly visible and easy to read on the screen.
- The user must have a meaningful opportunity to review and approve all principal and significant proposed installation options and system changes. For example, at the time of installation, the software might list each of the proposed settings changes, and note that the programme collects the user’s personal data, with links to learn more about each of the changes.
- As part of the install flow, any bundled software must be clearly disclosed. No software should be installed silently without the user’s permission. The name and principal and significant functions of every piece of software that will be installed should be visible to the user, and the user should be able to skip the entire bundled software or offer as well as individual components of the bundle.
- Before and during the install process, the software must not engage in any deceptive
behaviours. Some examples of deceptive behaviours include:
- Making false or misleading claims about the state of the user’s system. For example, misleading claims related to antivirus protection, system performance, system optimisation, a new version of a plug-in, etc.
- Claiming or implying to be official software from a company or a partner of the company if that is not the case.
- Charging fees for software that is available elsewhere for free without disclosing this to the user and explaining what extra service justifies the fee.
- Providing unproven or misleading endorsements.
- The software and download page must contain a link to an End User Licence Agreement (EULA) or Terms of Service (TOS).
Simple Removal
It should be easy for users to disable or uninstall software.
- Uninstall information must be easily accessible, simple to perform, and clearly identifiable after the software has been installed.
- During the uninstall process, users must be presented with clearly-labelled and prominent instructions that explain how to return their browser’s and/or computer’s user settings to the previous settings.
- The software must provide a clear uninstall process and must not engage in any
deceptive behaviours to deter uninstallation. Some examples of deceptive behaviours
include:
- Making false or misleading claims about potential negative effects on the user’s system or privacy if the software is uninstalled.
- Charging fees for software removal.
- Including additional prompts or offers that are unnecessary to the uninstall process.
- Making the default option in the uninstaller to hide the software instead of removing it.
- Uninstallation must not impact unrelated files.
- Once software is disabled or deleted, the removal should be complete. Configuration changes that affected the behaviour of already existing software should be reverted. It may not keep any pieces of the software running after uninstallation and must not be automatically enabled later by itself or another programme.
Clear Behaviour
Once installed, software should behave as expected and deliver a clear value proposition to the user.
- After installation, the program should not download or install additional software, or make system settings changes, beyond what was offered during the initial installation, unless it is doing so at the explicit, informed direction of the user.
- When accessing Google services or products, software must use and adhere to the terms of publicly-available Google APIs for interacting with the user’s system or any program installed. In addition, software must comply with any other applicable Google policies.
- Programs that modify a system's settings must clearly disclose what has changed and how the user can undo it.
- After installation, programs should not engage in deceptive or unexpected behaviour.
Some examples of deceptive or unexpected behaviour include:
- Displaying false or misleading messages about the system status.
- Hiding or cloaking the software’s behaviour. Behaving differently when running in a virtualised environment.
- Impairing usability of the system. Remapping inputs, unless the program is doing so at the explicit, informed direction of the user.
- Preventing the user from controlling the software, or interfering with control of, or access to, any other program already installed on the system.
- Affecting the integrity of other programs, including disabling or circumventing security and protection measures, unless the program is doing so at the explicit, informed direction of the user.
- Intercepting and redirecting network traffic, unless it is the stated purpose of the software.
- The software should not send spam. It should not inject ads, unless that is the stated purpose of the program.
- If the software makes updates, it should provide a clear notification to the user. The user must have a meaningful opportunity to review and approve any principal and significant updates or settings changes.
Snooping
Software that collects or transmits a user’s personal information must be transparent about doing so.
- Software that collects and/or transmits users’ personal information must be transparent about it by providing an explanation in clear and straightforward language that describes what information would be collected or transmitted and for what purpose. The language should be clearly visible and easy to read on the screen. Disclosure is especially important if data collection is a non-obvious feature of the software.
- Software must not collect sensitive information such as banking details without proper encryption.
Keeping Good Company
- If any program includes any third-party software, the author is responsible for obtaining proper bundling authorisation from the third party.
- If software is offered as part of a bundle, all programs included in the bundle must follow the guidelines above.