Privacy and security are going to be a major focus of Android Q. That's a good thing for each and every user, especially when many of the changes require no action on our part to happen. Security experts worrying about security on our phones means we can continue to use them as usual and everyone wins, except for a potential hacker or scammer. But one major change to a fundamental feature of Android — sharing your files between any app — is getting a big change that's going to lead to plenty of app-developer backlash: Scoped Storage.

How Scoped Storage works

At one time Android worked like any other desktop operating system when it came to accessing your files; things like documents, photos, music or anything else you wanted to store on your device was there for any other app to open. You said it was OK for an app to do this when you installed it, and it just did. Using the app's native UI, you could browse the file system and see all your public files.

With Android 4.4 KitKat, Google started making changes to and adding restrictions on how an app could access files it did not own, and with Android 5.1, the Storage Access Framework was implemented. This gave apps a way to access files in other folders using an Android API instead of using standard programming file operations. It ... works. It's slow and fairly unpopular, but it is available and by now almost every developer of an app that needs this sort of global access has at least tried it out to see how suitable it is or isn't based on their needs.

With Android Q's Scoped Storage, things are both more restrictive and more easy at the same time. A compatible app is given its own folder for user-facing data. Apps already have a private sandboxed folder for storage of their required files and this is unavailable to any other app. Scoped Storage gives the ability to create a second folder for files the app creates because we used it and told it to create them. Think of an app like a voice recorder, for instance; it needs somewhere to store the audio files it creates.

The app needs no permission to read or write any file in this folder, so you aren't prompted to grant any permissions when you first run it concerning file read and write locations. Apps also need permission for each and every folder they want to access but do not own.

Developers have been groomed to use specific methods for file access since Lollipop, but they're very unpopular.

"Shared" folders like Music or Pictures have a built-in method to gain access (for now — this may be temporary while Android Q is in beta) but every other folder on the external storage, which is your free internal storage and your SD card if you have one, now needs specific permission to be accessed. Now think of an app like a file manager, and how it needs to access every folder on your SD card and internal storage.

Developers who need to access folders not owned by their app will need to use the Storage Access Framework APIs. That means it needs to query the API to see if the files exist and get its device location then ask the user for permission to use it. This has been the recommended best practice for file access since Android Lollipop, so it's not exactly new. But with Android Q, it is now strictly enforced and no longer "optional".

Why make this change?

Google gives two valid reasons why it's making this change: Security and to reduce leftover "app clutter."

On the security front, this change does a few things. First and foremost, it stops malicious apps that depend on you granting access to sensitive data because you did not read what you saw in the dialog and just clicked yes. This happens often enough that it needed to be addressed if only to protect the offenders. And we've all done it.

It also allows a developer to have their own space on the storage of your device that is private without asking for any specific permissions (see the first reason again) when first run. And no other app can access any document it creates without you saying it can.

The reason for a change is good, but the change itself isn't being well-received.

Reducing app clutter needs little explanation. When you uninstall an app, the files and folders it drops all over your device storage once you gave it permission to do so stay behind. Enough of these leftovers can start to affect performance, especially if the files use a common name that may be repeated by another app. If a developer builds an app that creates media like a camera app or music recorder, for instance, he or she can use the standard media folder locations to deposit the things you create so they are not removed if the app is uninstalled.

Not written in stone

Android Q is still in beta; that means developers are encouraged to install it and provide feedback. Right now, the feedback for Scoped Storage is not very good. There's even a petition that asks Google to remove the feature for now and rethink its implementation.

Developers are sharing their frustrations using official feedback channels, and while Google may sometimes feel like an immovable object, it is listening. Above all else, Android is an application platform, and breaking popular apps is not something the developers want to do.

Things may change before Android Q goes final when it comes to Scoped Storage. Or it may be removed altogether. We'll know when we see it in the Fall of 2019.

Android Q: Everything you need to know!