Warnings Your Apk Is Using Permissions That Require A Privacy Policy: (android.permission.READ_PHONE_STATE)

Asked 20/12, 2016 at 2:59 Answered 18/7, 2021 at 14:30

Solved android android-studio permissions android-manifest google-developers-console

133

In manifest not added android.permission.READ_PHONE_STATE. permission.

Why error comes when I upload a new apk version error comes below.

Your app has an apk with version code 1 that requests the following permission(s): android.permission.READ_PHONE_STATE. Apps using these permissions in an APK are required to have a privacy policy set.

I have attached a screenshot of my google play store account.

my manifest file.

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.my.package.name">

    <uses-permission android:name="android.permission.INTERNET" />

    <application
        android:name=".utils.PreferenceManager"
        android:allowBackup="true"
        android:icon="@mipmap/ic_launcher"
        android:label="@string/app_name"
        android:largeHeap="true"
        android:supportsRtl="true"
        android:theme="@style/AppTheme">
        <activity
            android:name=".SplashScreen"
            android:screenOrientation="portrait">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />

                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>

        <activity
            android:name=".MainActivity"
            android:screenOrientation="portrait" />

        <activity
            android:name=".CategoryListActivity"
            android:screenOrientation="portrait" />
        <activity
            android:name=".ImagesActivity"
            android:screenOrientation="portrait" />

    </application>

</manifest>

Carmoncarmona answered 20/12, 2016 at 2:59 Comment(8)

Did the permission exist in the manifest before which you have since removed and haven't uploaded the new apk? – Escalade 20/12, 2016 at 3:4

No, My manifest file have attached you can see. – Carmoncarmona 20/12, 2016 at 3:31

add read phone state permission on your manifest – Detritus 20/12, 2016 at 4:8

I've already tried with adding and again removing. Nothing works – Calista 20/12, 2016 at 12:18

Got the same issue with appsflyer which implicitly adds this permission in build phase – Welfarism 21/12, 2016 at 18:41

Check this out: https://mcmap.net/q/169100/-warning-of-google-play-developer-policy-violation-action-required – Rene 12/3, 2017 at 19:35

I would like to mention that in order to fix this you must update all your dependencies that use the "play-services-" prefix from 12.0.0 to 12.0.1. So that includes anything such as upgrading "play-services-analytics:12.0.0" to "play-services-analytics:12.0.1". It is not just limited to play-services-ads but all play-services with the version 12.0.0. – Kaliningrad 9/5, 2018 at 23:51

I’m voting to close this question because meta.stackoverflow.com/q/272165/6296561 – Detribalize 24/4, 2020 at 16:19

158

Your app's manifest.xml having these permission to access information from your's device but you don't have privacy policy link while submitting on the play store. so you getting this warning.

Need privacy policy for the app If your app handles personal or sensitive user data

Adding a privacy policy to your app's store listing helps provide transparency about how you treat sensitive user and device data.

Update 1

The privacy policy setting in Google Play Console has changed locations.

In Google Play Console,
Select Store presence → App content.
Under Privacy Policy.

Update 2

Select Policy → App content at the far bottom left.
Under Privacy Policy.

Spongioblast answered 24/12, 2016 at 6:17 Comment(8)

Is there any way to create the private policy from a template? – Eduino 21/1, 2017 at 16:39

I hope you'll need to show privacy policy but you don't have website, probably the privacy policy document will be text content, so the easiest way is we can make word document with all your privacy policy and permission related information then you can upload it on any free bucket like drop box etc. then you can get the url to use on the play store submission. – Spongioblast 26/5, 2017 at 1:38

I am facing the same problem. i didn't use READ_PHONE_STATE permission then why it says that your app use this? – Pleione 27/3, 2018 at 15:35

Because of AdMob. Their current version 12.0.0 requests READ_PHONE_STATE (bug), even if your app doesn't has it in the manifest. So that's it. They said they will release an update to 12.0.1 soon. – Chappelka 27/3, 2018 at 18:13

@jaydip-kalkani, Asking the privacy policy is page is the choice of knowing what actually accessed(read/write) from the mobile through the app since the end user will not be technical guy. Also note that whatever sensitive data access is the matter and not only for the READ_PHONE_STATE, even it may be asked for READ_CONTACTS(just asking for an example). – Spongioblast 22/10, 2018 at 12:39

As of the time of this comment - The Privacy policy setting is here - play.google.com/console/u/0/developers/… – Helsell 10/1, 2021 at 22:0

What the heck I have to set a link on privacy policy for Internal Testing?? It is so dumb!! I just set a link on a privacy policy of another app and it started to accept new bundles with READ_PHONE_STATE permission. – Ouse 16/4, 2021 at 20:36

@Eduino free template is available here . app-privacy-policy-generator.firebaseapp.com – Cumae 19/7, 2021 at 12:24

Just try to add this line to your manifest file:

<uses-permission android:name="android.permission.READ_PHONE_STATE" tools:node="remove" />

and add attribute xmlns:tools="http://schemas.android.com/tools" to your <manifest> tag to define namespace tools

From the documentation for tools:node="remove":

Remove this element from the merged manifest. Although it seems like you should instead just delete this element, using this is necessary when you discover an element in your merged manifest that you don't need, and it was provided by a lower-priority manifest file that's out of your control (such as an imported library).

Ethicize answered 26/12, 2016 at 17:59 Comment(4)

This also circumvents the nasty permissions warnings that otherwise show up when someone is going to download your app...a must have – Bowfin 20/7, 2017 at 2:42

if use this you won't able to use READ_PHONE_STATE – Merimerida 23/8, 2017 at 7:54

[Fatal Error] :50:95: The prefix "tools" for attribute "tools:node" associated with an element type "uses-permission" is not bound. – Peptone 2/9, 2017 at 11:50

Use this in manifest header? <manifest xmlns:android="schemas.android.com/apk/res/android" xmlns:tools="schemas.android.com/tools" ...... /> – Blockus 6/10, 2017 at 17:42

It's third party library. You can find the culprit in build/outputs/logs/manifest-merger-release-report.txt

Linchpin answered 24/5, 2018 at 13:58 Comment(0)

It may be because of any third party lib which may include that permission so from my experience in this field You have to add the privacy policy regarding to that particular information it means if you ask get accounts permission in your app than you have to declare that with your privacy policy file we use that data i.e. email address or whatever with reasons like to login in google play game.

Also can do this

<uses-permission android:name="android.permission.READ_PHONE_STATE" tools:node="remove" />

Hope This Will Guide you What You can do for this warning create privacy policy for your app and attach that with store listing.

Ponderous answered 20/12, 2016 at 9:3 Comment(1)

Thanks :) but this will work <uses-permission android:name="android.permission.READ_PHONE_STATE" tools:node="remove" /> ? – Malfeasance 5/5, 2017 at 6:32

The dependencies you have in your project, will add their own permissions. Please do the below to find from where "READ_PHONE_STATE" is coming.

Rebuild your android application
Press "Ctrl+Shift+F" in android studio (basically do a search all in the editor of your preference).
Search for "READ_PHONE_STATE", you would find the entry in a regenerated manifest file (not the one you originally created). By the path of it you can know, from which dependency the permission is getting added.

Salutation answered 7/2, 2017 at 8:48 Comment(0)

you need to specify the min and target sdk version in the manifest file.
If not the android.permission.READ_PHONE_STATE will be added automaticly while exporting your apk file.

<uses-sdk
        android:minSdkVersion="9"
        android:targetSdkVersion="19" />

Mathur answered 15/2, 2017 at 20:59 Comment(1)

Great! That fixed it. It was getting added when I did not have target specified. – Holmium 19/2, 2017 at 1:53

If you use React Native

This problem has been completely solved here

https://facebook.github.io/react-native/docs/removing-default-permissions

Thanatos answered 29/7, 2018 at 7:27 Comment(0)

It can be that you need to add or update your privacy policy. You can easily create a privacy policy using this template

https://app-privacy-policy-generator.firebaseapp.com/

Trevethick answered 15/4, 2020 at 14:32 Comment(0)

You need to provide a privacy policy for your app in the Google Play Console, or remove the permissions which require a privacy policy.

Go here: https://play.google.com/console/app/app-content/summary

Or open the Google Play Console for your app, scroll all the way to the bottom of the nav menu on the left and under the heading "Policy" click "App Content".

For more information on when and why the privacy policy is required, see the docs here.

Amand answered 30/3, 2021 at 13:1 Comment(0)

Currently some people are facing the same issue because of using 12.0.0 version of AdMob lib.

Update it to 12.0.1. This should fix it. You can read more here

Ballista answered 2/4, 2018 at 6:10 Comment(2)

Links to external resources are encouraged, but please add context around the link so your fellow users will have some idea what it is and why it’s there. Always quote the most relevant part of an important link, in case the target site is unreachable or goes permanently offline. – Assumptive 2/4, 2018 at 6:31

This was the fix for me. In A-Studio, you can view the "merged manifest" and it points to the Google Play Libraries. – Eckart 10/4, 2018 at 19:14

If you're testing your app on a device > android 6.0 you have also to explicitely ask the user to grant the permission.

As you can see here READ_PHONE_STATE have a dangerous level.

If a permission have a dangerous level then the user have to accept or not this permission manually. You don't have the choice, you MUST do this

To do this from your activity execute the following code :

if the user use Android M and didn't grant the permission yet it will ask for it.

public static final int READ_PHONE_STATE_PERMISSION = 100;

  if (Build.VERSION.SDK_INT > Build.VERSION_CODES.M && checkSelfPermission(Manifest.permission.READ_PHONE_STATE)
                != PackageManager.PERMISSION_GRANTED) {
            requestPermissions(new String[]{Manifest.permission.READ_PHONE_STATE}, READ_PHONE_STATE_PERMISSION);
        }

then override onRequestPermissionsResult in your activity

@Override
    public void onRequestPermissionsResult(int requestCode, @NonNull String[] permissions, @NonNull int[] grantResults) {
        switch (requestCode){
            case READ_PHONE_STATE_PERMISSION: {
                if (grantResults[0] == PackageManager.PERMISSION_GRANTED){
                    //Permission granted do what you want from this point
                }else {
                    //Permission denied, manage this usecase
                }
            }
        }
    }

You should read this article to know more about it

Upper answered 20/12, 2016 at 4:53 Comment(0)

Are you using AdSense or other ads in your app, or maybe Google Analytics ? I think if you do so, even if you don't have the android.permission.READ_PHONE_STATE in your manifest this is added by the ads library.

There are free templates that might help you create a privacy policy.

This is the email i received from Google about it :

Hello Google Play Developer, Our records show that your app, xxx, with package name xxx, currently violates our User Data policy regarding Personal and Sensitive Information. Policy issue: Google Play requires developers to provide a valid privacy policy when the app requests or handles sensitive user or device information. Your app requests sensitive permissions (e.g. camera, microphone, accounts, contacts, or phone) or user data, but does not include a valid privacy policy. Action required: Include a link to a valid privacy policy on your app's Store Listing page and within your app. You can find more information in our help center. Alternatively, you may opt-out of this requirement by removing any requests for sensitive permissions or user data. If you have additional apps in your catalog, please make sure they are compliant with our Prominent Disclosure requirements. Please resolve this issue by March 15, 2017, or administrative action will be taken to limit the visibility of your app, up to and including removal from the Play Store. Thanks for helping us provide a clear and transparent experience for Google Play users. Regards, The Google Play Team

Malaya answered 3/2, 2017 at 10:19 Comment(2)

I think a good staring point for a free privacy policy can be found here: docracy.com/6516/mobile-privacy-policy-ad-sponsored-apps – Malaya 3/2, 2017 at 12:3

I get the same email with you, is there another possibility except Ads and GAnalytics? – Finlay 10/2, 2017 at 9:20

Probably you're using PlayServices of version 9.6.0. Then you should update it, it's library's bug. More info here.

Add

<uses-permission android:name="android.permission.READ_PHONE_STATE" tools:node="remove" />

to your manifest file.

Olmos answered 14/3, 2017 at 17:0 Comment(1)

This topic is about READ_PHONE_STATE permission problem. Why android.permission.CAMERA? – Olmos 30/5, 2017 at 10:30

You should drop android.permission.READ_PHONE_STATE permission. Add this to your manifest file:

<uses-permission
    android:name="android.permission.READ_PHONE_STATE"
    tools:node="remove" />

Inconvertible answered 24/3, 2018 at 22:17 Comment(0)

1.You need to create privacy policy page on your website and update your privacy policy for the permissions you are asking.

2.Update new SDK remove unwanted permissions and resubmit the app.

Suomi answered 14/3, 2017 at 13:16 Comment(0)

I found this free website that will make for you the policy AND host it:

https://www.freeprivacypolicy.com/

Then add it to the play store under Store Listing - at the bottom add the public link for the policy that you got from https://www.freeprivacypolicy.com/

Calix answered 5/7, 2018 at 20:9 Comment(0)

I solved this problem by this way: Google play console find App content-> Privacy policy and then Privacy policy URL set to you can submit your page.

Minima answered 27/3, 2021 at 8:10 Comment(0)

2018 update:

For AdMob users, this causes AdMob version 12.0.0 (currently last version). It wrongly requests READ_PHONE_STATE permission, so even if your app doesn't require READ_PHONE_STATE permission in manifest, you won't be able to update your app in the Google Play Console (it will tell you to create a privacy policy page for your app, because your app requires this permission).

See this: https://developers.google.com/android/guides/releases#march_20_2018_-_version_1200

Also, they wrote they will publish an update to 12.0.1 fixing this soon.

Chappelka answered 27/3, 2018 at 18:19 Comment(0)

I was facing same issue and got the error while uploading apk to Google play. I used ads in my app, and I was not even mentioned READ_PHONE_STATE permission in my manifest file. but yet I got this error. Then I change dependencies for ads in build.gradle file. and then it solved my issue. They solved this issue in 12.0.1.

compile 'com.google.android.gms:play-services-ads:12.0.1'

See answered 11/4, 2018 at 11:10 Comment(0)

See steb by step and you will understood

public static String getVideoTitle(String youtubeVideoUrl) {
        Log.e(youtubeVideoUrl.toString() + " In GetVideoTitle Menu".toString() ,"hiii" );
        try {

            if (youtubeVideoUrl != null) {
                URL embededURL = new URL("https://www.youtube.com/oembed?url=" +
                        youtubeVideoUrl + "&format=json"
                );
                Log.e(youtubeVideoUrl.toString() + " In EmbedJson Try Function ".toString() ,"hiii" );
                Log.e(embededURL.toString() + " In EmbedJson Retrn value ".toString() ,"hiii" );
                Log.e(new JSONObject(IOUtils.toString(embededURL)).getString("provider_name").toString() + " In EmbedJson Retrn value ".toString() ,"hiii" );

                return new JSONObject(IOUtils.toString(embededURL)).getString("provider_name").toString();
            }
        } catch (Exception e) {
            Log.e(" In catch Function ".toString() ,"hiii" );

            e.printStackTrace();
        }
        return null;
    }

Grigson answered 19/8, 2018 at 6:50 Comment(1)

Please add some explanation to your code, such that others can learn from it – Specimen 19/8, 2018 at 8:33

If you are using the package device_id to get the unique device id then that will add an android.permission.READ_PHONE_STATE without your knowledge which eventually will lead to the Play Store warning.

Instead you can use the device_info package for the same purpose without the need of the extra permission. Check this SO thread

Dieselelectric answered 27/8, 2020 at 15:10 Comment(0)

-1

I could not release my app on Google as error show after uploading app apk file on Google testing "internal testing release." Attached screen shot please resolve advise how to resolve this error. App generated on Mobiroller app generator. Even though after I have [Error massage seen: "Your APK or Android App Bundle is using permissions that require a privacy policy: (android.permission.CAMERA)." 1added privacy policy in Mobiroller in my app.

Error massage seen: "Your APK or Android App Bundle is using permissions that require a privacy policy: (android.permission.CAMERA)."

Secateurs answered 18/7, 2021 at 14:30 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Update 1

Update 2

Recommended topics

Hot tags