Details on Google Play's Photo and Video Permissions policy

Photos and videos on a user’s device are considered Personal and Sensitive User Data and should be treated with utmost privacy best practices. This sensitive information leaves users vulnerable to leaks or targets of exploitation, so minimizing this access helps avoid the burden on developers of handling such sensitive data. To further support protecting users’ privacy, we introduced policy to limit the scope of how broad access to photos and videos can be acquired on Google Play. Only apps with a need for broad access to photos will be allowed to maintain the READ_MEDIA_IMAGES and READ_MEDIA_VIDEO permissions. Apps with a one-time or limited use of photo and video files are requested to use a system picker such as the Android photo picker.

Last year, with users in mind, Android launched a new privacy-preserving photos experience: the Android photo picker. The picker integrates into your app without requiring you to acquire additional photo or video storage permissions and is the optimal way to keep your users and app safe. The photo picker library is also backported to Android 4.4, making it very simple to give this simplified experience to all of your users. Utilizing the photo picker is a built-in way for users to grant your app access to only selected images and videos, instead of their entire media library. Learn more about implementing the picker on the Android developers site.

Overview

The Play Photo and Video Permissions policy requires the following:

  1. Apps that have a one-time or infrequent need to access these files are requested to use a system picker such as Android photo picker.
  2. Apps requiring broad access to photo and video files located in shared storage on devices must successfully pass an appropriate access review and demonstrate a core use case that requires persistent or frequent photo, image, or video access of files.

Make sure to read the policy in full and ensure you understand and comply. Developers who are not in compliance by the deadline may be subject to enforcement actions.

Timeline information

See the following timeline for the Photo and Video Permissions policy. Note that this is subject to change; updates will be posted in this article.

  • October 2023: We announced the new Photos and Video Permissions policy.
  • August 31, 2024:

    • Apps with one-time or infrequent use of photos are requested to remove READ_MEDIA_IMAGES and READ_MEDIA_VIDEO permissions from their app manifest and migrate to a system photo picker if necessary.

      • Apps with one-time or infrequent use that need time to remove permissions or migrate to a picker can request an extension until January 2025.

    • Apps with core use-case or broad access use can begin providing use-case rationale using the declaration form within Play Console.

Frequently asked questions

Collapse all Expand all

What does it mean to have a one-time or infrequent use of photos or video files?

Examples of one-time or infrequent use of photos or video files include but are not limited to: uploading a profile picture, uploading an image for a playlist or uploading a photo of a check for banking purposes.

Infrequent use infers that your app does not have a photo or video use case as its core functionality. If your app has a one-time or infrequent use case for photos or video files, you may not use the READ_MEDIA_IMAGES or READ_MEDIA_VIDEO permission, and we urge you to instead use a system picker to preserve user privacy. 

Some examples of use cases that are not infrequent or one time include: apps that are in the social, communication, photo/video editor categories and others that can demonstrate broad access needs like photo editors, user generated content platforms, image search features, QR code scanners, and similar.

In what cases can the READ_MEDIA_IMAGES and READ_MEDIA_VIDEO permissions be accessed?

Apps whose core functionality revolves around broad access to photos and videos may use the permissions above. Apps that are photo/video managers and gallery apps are the most commonly eligible apps to use these permissions.

How is "core app functionality" defined?

We consider core functionality to be the main purpose of an app. This means that the feature that you document in your app description is central to your app working and without it, your app won’t function.

What is the criteria for passing the permissions access review?

In addition to complying with all other relevant Google Play policies, the app must  demonstrate a core use case that requires persistent or frequent photo/video access of files located in shared storage.

What kinds of apps would need "broad access to photos?"

Apps whose core function includes editing, managing and maintaining photo/video galleries would need broad access to photos and videos on a user’s device. These apps are commonly known as “gallery apps.”

What if I have a custom photo picking experience, does that qualify for broad access to these permissions?

Because your app only needs access to photos that users select in this experience, this does not qualify as a reason to retain broad access.

Are there any exceptions to this policy?

Private and enterprise device management apps are exempt from this policy requirement.

Will my app need to remove the READ_MEDIA_IMAGES and READ_MEDIA_VIDEO permissions from my app manifest?

Yes, in order to be compliant with this policy, if your app does not need broad access to photos and videos via a supported core use case, the media access permissions must be removed from the app by the effective policy date.

Why opt for a "picker" experience?

Broad access to media files on shared storage is a vector for abuse and can harm both users and developers. A picker experience is elegant and efficient, and it helps developers avoid unnecessary access to sensitive data. By minimizing data access, the chance of being victims of leaks or targets of exploits is also minimized. It provides a consistent user experience, satisfies user expectations of privacy while using your app, and helps further maintain a safe and trusted Google Play experience.

How easy is it to integrate the photo picker into my app?

Integrating Android photo picker in your app is easy and the tool updates automatically, offering expanded functionality to your app’s users over time without requiring any code changes. To simplify photo picker integration, include version 1.7.0 or higher of the androidx.activity library.

What versions of Android is the photo picker compatible with?

The photo picker is available on devices that run Android 11 (API level 30) or higher and receive changes to Modular System Components through Google System Updates. Older devices that run Android 4.4 (API level 19) through Android 10 (API level 29) and Android Go devices running Android 11 or 12 that support Google Play services can install a backported version of the photo picker.

Must I use the Android photo picker or can my app use other picker integrations?

You are not required to use the Android photo picker and can integrate other system pickers per your preference as needed.

What if a user does not grant my app broad access to media files?

In accordance with the Restricted Permissions policy, you must make a reasonable effort to accommodate users who do not grant broad access to media files on their device. This includes facilitating a more transactional method (for example, via a system picker) where users can still enjoy the feature or functionality of your app. This could also include gracefully facilitating a modified app experience where users can still enjoy the applicable functionality of your app.

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Google apps
Main menu