CDD: MUST NOT expose app details to other apps
Apps targeting Android 11 cannot see details about other installed apps
by default, due to the package visibility change.
Bug: 145293555
Change-Id: Iba1d6facb57f492589c3f5d61c719d0369367d1c
diff --git a/9_security-model/9_8_privacy.md b/9_security-model/9_8_privacy.md
index 425290f..d445ca3 100644
--- a/9_security-model/9_8_privacy.md
+++ b/9_security-model/9_8_privacy.md
@@ -208,3 +208,18 @@
* [C-0-5] MUST schedule a notification that reminds the user after an app in
the background has accessed their location using the
[`ACCESS_BACKGROUND_LOCATION`] permission.
+
+### 9.8.9\. Installed apps
+
+Android apps targeting API level 30 or above cannot see details about other
+installed apps by default (see [Package visibility](
+https://developer.android.com/preview/privacy/package-visibility) in the Android
+SDK documentation).
+
+Device implementations:
+
+* [C-0-1] MUST NOT expose to any app targeting API level 30 or above details
+ about any other installed app, unless the app is already able to see details
+ about the other installed app through the managed APIs. This includes but is
+ not limited to details exposed by any custom APIs added by the device
+ implementer, or accessible via the filesystem.
