> If the person is a spammer or otherwise not legit and you tell them what they did wrong, it's a lot easier to hack around the problem and beat the automated moderation and get your malware into the store.

Is it? Because spammers and malware writers are the only ones that already know what they did wrong - spamming and malware! While everyone else is left guessing.

They know in general, but they don't know exactly which check they tripped and why. That makes it harder to hunt down the detected part.

But you wouldn't tell them which check exactly - you only tell them "spamming/malware".

But that's not really any more specific (imagine this same article where "is not compliant with Google Play Policies" is replaced with "was flagged as spamming/malware," not much changes) plus for any false positive it's likely to make any developer even more angry ("you thought my app was malware?!").

Why would anything have to change about this article? The developer wasn't accused of spamming or malware. You seem to be saying that if an app fails any Google policy, then that is the same as if it was spamming or malware?

My point is that if the developer is given an answer of "spamming/malware" it's not much more useful than "not compliant with Google Play policies" ("spamming" alone is useful, you can check whether messages are being sent, "malware" is just far too broad). To check whether "spamming/malware" is more informative than "not compliant with Google Play policies" you can just plug it into the OP and see if any of the behavior would be different, but I can't see anything that would look different, which suggests "spamming/malware" is not really any more specific than "not compliant with Google Play policies" from the viewpoint of a developer saddled with that message.

And because it's so vague, even if a developer were not to get that message (e.g. as in this case) it still doesn't narrow down much in the negative direction either.

You misunderstand me. I'm trying to say that not every Google Play policy is something malware or spam is interested in violating.

Let me give a hypothetical example: Suppose there are color contrast requirements, to make buttons easy to distinguish. If your app is too desaturated, and buttons are hard to make out, the reviewer can tell you that you must make your app more colorful, and that information won't help malware or spammers one bit.

Or for a non-hypothetical example: How does it help spammers or malware to know that their app mustn't contain "free" in the title?

Or suppose they institute a policy where you're not allowed to re-implement functionality provided by the Google Play store (Google worked hard for that lock-in!), or make apps that are substitutes for ones provided by Android itself, or apps that break DRM.. how would being told you've violated one of these policies, help malware writers and spammers?

Ah I see what you mean. Yes that makes sense.

At that point, why not put up an option for paid tech support? It would make life costly for the spammers, and give an option for people with a critical and legitimate problem.

Because then they might be liable for the advice provided. Can't be sued if you don't provide anything. *taps head*

Spammers are in it for the money, so why do you assume that they wouldn't pay?

Japan immigration does this too - they reject applications but won't say why it was rejected, because people wanting to enter the country for illegal reasons might be able to use that information:

https://www.mofa.go.jp/j_info/visit/visa/faq.html

Could be, actually. The press sucks: a bunch of untrained people too lazy to get off their laptops and talk to people.

I don't think Quora falls into that "spammer" category, though. No one is seeking to make any serious money from it, AFAICT.

If your product/brand is an answer on every relevant question, that's probably worth a lot.

So much money they're leaving on the table, then.

(Or maybe they're secretly raking it in. Who knows?)