JavaScript developers left in the dark after DroidScript software shut down by Google over ad fraud allegations

Creator suspects his ID was copied, web giant keeps quiet

Updated On the last day of March, DroidScript, a popular Android app for writing JavaScript code, had its Google advertising account suspended and a week later was removed from the Google Play Store for alleged ad fraud.

David Hurren, founder of the non-profit and of SoftCogs Ltd, a UK-based software firm, is baffled by the charge and asked Google to explain how it came to that conclusion and to reconsider its suspension of DroidScript.

But his appeals have been answered by form letters and now the app, used by more than 100,000 developers, including students, teachers and professionals, is losing premium subscribers as well as ad revenue with no further explanation from Google.

The app had only a single banner, added "reluctantly added to cover our development and hosting costs," Hurren explained in a DroidScript forum post about the crisis. Denied access to ad revenue and details about the supposed infraction, Hurren set about creating a new version without the AdMob banner ad shortly after the AdMob account suspension, knowing this might also prevent DroidScript users from implementing AdMob in their own apps.

But Google, on April 7, suspended the app on Google Play, preventing any new version from being released. Hurren said that means the app loses all the user-ratings, download statistics, and premium subscribers accrued over the past seven years.


Another appeal took 12 days to get a response attributed to "Cindy" on the Google Play Team. It advised patience while the inquiry is being investigated.

Thrilled to be talking to a presumed person, Hurren pleaded with Cindy to explain what's going on so any problems with DroidScript can be addressed.


Spotlight on Apple, Google app stores: What happened to Tile, Spotify, Match – and that proposed law in Arizona


"We are a not-for-profit organization and we rely on our AdMob and subscription income to keep the lights on and our servers running," he wrote in his reply. "This sudden suspension, with the potential loss of over seven years worth Play Store ratings and over 500 premium subscriptions will be a devastating blow to our community. If we have to start again from scratch it will probably be the final nail in the coffin for us, as we already struggle to make ends meet."

The following day, another Google Play Team email arrived with no specific details about the supposed infractions. Hurren observed, "I now believe Cindy was probably a bot and this email fell on deaf ears."

Hurren suspects that the ad fraud claim arose because someone copied the DroidScript's AdMob identifier and used it in another app. But he can't be sure because of the lack of communication from Google.

"We don't know if our ad ID has been hijacked," said Hurren in an email to The Register. "That is the frustrating part of this as they won't tell us exactly why they cancelled our AdMob account. They only give us the vague reason of 'invalid traffic' which can be for any number of reasons. Google has this policy of not explaining in any detail the reasons for AdMob accounts being cancelled, which is incredibly frustrating because you then have very little chance of fixing the problem."

Lack of meaningful communication is a commonly cited problem among developers accused by Google of violating developer or store policies.

In the House Democrat's Investigation of Competition in Digital Markets report [PDF] last year, developers told lawmakers in interviews that "one way Google exercises its gatekeeper power over third-party app developers is through its arbitrary and unaccountable enforcement of Play Store policies." These developers described Google Play Store policies as an "opaque system [that] threatens the ability of app developers to develop and compete in the market for consumers, who should ultimately determine which apps they use."

The Register asked Google to explain why DroidScript was removed and whether it's possible the policy violation allegations might have been made in error. We've not heard back.

Attack of the clones

Hurren said people are constantly trying to hack DroidScript's premium tier code to avoid paying. "We think a Russian group has cloned our app too, but we can only guess at the reason," he said. "We have done nothing wrong as far as we know."

Hurren doubts any actual person at Google is following what's going on with DroidScript because so much of the company's policy enforcement is done through automated systems like scripts and bots.

"We are a development tool, so we support a lot of functionality and access almost every Android API on behalf of our users, so that might look suspicious to an AI," he said. "They won't tell us the reason and I'm not even sure they know themselves actually. This is the problem with relying on AI-based algorithms: the humans don't know what is really going on under the hood."

Hurren said having reviewed the email correspondence to date, "I now think that all the responses were automated and we were basically snuffed out by a machine."

Leaving the final word on alleged policy violations to be made by a machine that can't grasp the implications of its actions is immoral, Hurren argues.

Citing Google's abandoned motto, "Don't be evil," Hurren said he can see why the company got rid of it. "Now they have their machines regularly doing evil while Google's management turns a blind eye," he said.

"There are many stories of people being very badly treated by the Google Play bots over the years. I thought that they were getting better these days, but I was obviously wrong." ®

Updated to add

On Saturday, May 1, DroidScript founder David Huren wrote to say that Google has reinstated version 2.06 of DroidScript and given seven days to correct the ad fraud policy violation in the next app update. Hurren said that means he’ll be removing AdMob support from the app to be safe, since it was unclear initially how the fraud accusation came to be.

Broader topics

Other stories you might like

  • Experts: AI should be recognized as inventors in patent law
    Plus: Police release deepfake of murdered teen in cold case, and more

    In-brief Governments around the world should pass intellectual property laws that grant rights to AI systems, two academics at the University of New South Wales in Australia argued.

    Alexandra George, and Toby Walsh, professors of law and AI, respectively, believe failing to recognize machines as inventors could have long-lasting impacts on economies and societies. 

    "If courts and governments decide that AI-made inventions cannot be patented, the implications could be huge," they wrote in a comment article published in Nature. "Funders and businesses would be less incentivized to pursue useful research using AI inventors when a return on their investment could be limited. Society could miss out on the development of worthwhile and life-saving inventions."

    Continue reading
  • Declassified and released: More secret files on US govt's emergency doomsday powers
    Nuke incoming? Quick break out the plans for rationing, censorship, property seizures, and more

    More papers describing the orders and messages the US President can issue in the event of apocalyptic crises, such as a devastating nuclear attack, have been declassified and released for all to see.

    These government files are part of a larger collection of records that discuss the nature, reach, and use of secret Presidential Emergency Action Documents: these are executive orders, announcements, and statements to Congress that are all ready to sign and send out as soon as a doomsday scenario occurs. PEADs are supposed to give America's commander-in-chief immediate extraordinary powers to overcome extraordinary events.

    PEADs have never been declassified or revealed before. They remain hush-hush, and their exact details are not publicly known.

    Continue reading
  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading

Biting the hand that feeds IT © 1998–2022