FWIW, I submitted an EU DMA complaint (Art 27 report) against Alphabet for unfair gatekeeping against third-party distributions like GrapheneOS via Play Integrity. More info: https://github.com/AlexAltea/blog/blob/master/posts/2026-06-...
Convincing developers, especially bank and gov apps, is near impossible and won't scale well. Going after Alphabet for not meeting DMA obligations seems the easier path. Might not go anywhere but worth a shot.
Is there something we can do to support your efforts?
Only two things come to mind:
1. Provide or find pro bono legal resources deeply familiar with EU DMA and similar antitrust regulations, willing to proof-check and improve this report, and perhaps advise on better channels to submit it.
2. Locate more affected end-users, including applicable members of the GrapheneOS Foundation and developers behind other distributions, make them aware of these efforts so that hopefully we submit a joint complaint. (Might get more traction, though AFAICT reporting is limited to EU citizens).
Happy to fork this into its own repository if it helps with collaboration.
1. I will look into that.
A heads-up: the FSFE has already submitted a case for device neutrality regarding both, the ability to completely uninstall AI features and the unlimited interoperability decoupled from ADV: https://fsfe.org/news/2026/news-20260615-01.en.html
“Interoperability must be decoupled from developer verification procedures. We need clear, precise, and inclusive rules to prevent circumvention by gatekeepers and to ensure that interoperability becomes a concrete reality in practice” states Lucas Lasota, FSFE Legal Programme Manager
I can tell you it has NOTHING to do with developer, but more the business/content protection people say unlocked bootloader is not secured.
GrapheneOS runs with a locked bootloader. You temporarily unlock during installation but after re-locking, boot integrity can be validated against GrapheneOS' verified-boot keys. See: https://grapheneos.org/articles/attestation-compatibility-gu...
> Convincing developers, especially bank and gov apps, is near impossible and won't scale well
Not impossible though, my bank and govt eID app did do safetynet, but after enough users complained in both apps you can now skip a warning and use it without issues
The government and bank in question deserve to be named and praised.
Austrian eID app (ID Austria) + Erste Bank/Sparkasse AG (George Austria)
AFAIK they make use of this: https://a-sit-plus.github.io/warden-supreme/integration/supr...