Privacy

They can claim this is for security all they want, but it was announced suspiciously close to the courts ruling that Google needed to open up their ecosystem to other app stores.

The courts ruled that users need to be able to install competing app stores without any warning, which is different from how it works today. Obviously allowing installation without any warning would be a boon to malware authors, so they added a way for third party app developers (including app store app developers) to verify themselves and distribute apps outside the Play Store without a warning on installation. Now Epic can verify with Google and distribute its app on its own website without needing to tell the user how to dismiss a scary warning, and the same is true for Safeway and Proton and other developers that might want to self distribute. On top of that, now GrapheneOS can implement its own verification system using the same OS-level APIs. Maybe app authors can distribute apps themselves for users of GrapheneOS by registering their repo with a verification system that runs an automated security audit on the repo and ensures reproducible builds.

Now that there is a way to distribute apps safely outside the system app store, that probably prompted them to look at what was causing malware problems with the current unverified app installation flow, and they came up with that system. Saying it's some massive conspiracy won't force them to change their minds, especially since there aren't enough users who care to make a dent in their revenue. Proposing a less onerous way to stop malware and bringing that in front of a judge on behalf of the app developers who are harmed will.