Timely Rollout of Google Security Patches

Hi @teezah,

I think I was perhaps not so clear in my previous message. I was simply referring to the fact that your request is going through the necessary internal communication channels and I will return to this thread in a couple of days with feedback.

Best,
Rae

5 Likes

You’re not a developer, are you? :laughing:
I am, and I can tell you that “roadmaps” aren’t something developers like to give. It’s hard to provide and the schedule is almost never right as things change along the way.
It also goes against a lot of development principles if Fairphone’s team works with Agile Software Development methods.
Anyway, yes Fairphone is a bit late on updates but I’m sure they’ll fix it soon. We saw what they did on Fairphone 2 so there’s no reason to worry.

5 Likes

Well, there is quite a difference between new functionality which undoubtedly requires multiple iterations and monthly security updates. Nokia / Samsung etc. do it in days after the stock Android patches are released.

See, for example,
https://source.android.com/security/bulletin

A bit simplified, this is about applying a couple of git-patches from AOSP ASAP on the Fairphone Android tree.

1 Like

I beg to differ on this part (as a developer I can agree to the rest). When the FP2 was on Android 6, i.e. a version still supported by Qualcomm, the company managed to release the security updates on a monthly basis and was rather fast, too (usually faster than the Lineage team).
Then, when the FP2 was upgraded to Android 7 the security fix frequency dropped. I always blamed the fact that having no Qualcomm support any more was the main reason.

So now, with the FP3 which is on an Android version still supported by Qualcomm, my expectation was that they would be able to provide the patches on a monthly basis again. I mean, they were able in the past, and the phone was released 10 months ago, so I’d assume enough time to set up a similar build pipeline as with the FP2/Android 6.
Therefore I’m a bit worried it already took longer than half a year.

4 Likes

When coming up with roadmaps it’s also important not to promise to deliver something which you cannot. Fairphone has been there before, and I’d rather they not go back to promising.

They have committed to continuing development for as long as possible. The FP2 is the only device from any manufacturer with its chipset to receive Android 9.

With limited resources, monthly upgrades might not always be possible (my Philips Android TV just got a bump today from January patches to July). And this is also more true when they are working on bigger upgrades like Android 9 (and please please 10 some day).

5 Likes

Isn’t this about when they moved from having software development in house to being done by their Chinese manufacturing partners… I have lost track of what happened when tbh

Seconded.
The efforts to communicate here are much appreciated, but we are not talking about something which should be overly complicated. Fairphone don’t change too much in AOSP for reasons, and security updates are no voluntary developing exercises, they are mandatory.

I can’t remember it being officially confirmed, but it strongly seems that OS development for the Fairphone 3 is not handled in-house, but by the manufacturing partner in China.
Perhaps there’s a lack of grip on the update situation on Fairphone’s side. If so, Fairphone need to get this in order rather soon.

There can be delays. There are reasons for them, which could be communicated.
There can be issues popping up in testing, which need to be resolved before release, which could be communicated.
But this now doesn’t look good in any way.

1 Like

I think if some people are dissatisfied with your answer @formerFP.Com.Manager, it’s because of the few extracts of your previous messages in this thread.

I think apologising isn’t enough there, because you are asking again for time:

I fully understand this is getting long for some people, as much as I fully understand they don’t want to wait anymore.
I don’t care much about it, and I’m sort of patient, but @formerFP.Com.Manager, is something exactly stopping you from just telling us why it’s taking so much time, other than the following?

Which is a bit vague…

Oh, and good luck with dealing with it as well, I can imagine it isn’t easy :slightly_smiling_face:

2 Likes

Hello everyone

I contacted the support about the security patches from Google days ago and got the answer:

Google releases security patches for Android on a monthly basis. It is then up to the manufacturer to implement those patches with the latest software updates. We release software updates at least on a quarterly basis, which means security patches can be a few months old.

I have to say that I’m not happy

4 Likes

Hi everyone,

I am afraid I have to concur with @Alex.A and @AnotherElk.

No offense @formerFP.Com.Manager but: from business experience I can say your response is a typical company response if something is delayed or something is wrong right now (or a company is trying to hide something). Also from business experience I can tell you that there has to be at least a rough roadmap in a company. Even when the software development is outsourced. Then this company can be contacted :slight_smile:. Or when there is an internal software development I contact the responsible department.
The simple fact is, this response doesn’t look good for Fairphone right now and damages its image.

I bought a Fairphone for its fair phone production AND its software updates for 5 years.

I would advise Fairphone transparency in this subject to avoid future discussions. For example a page when the next update is released and if it’s delayed (and possibly why). This would avoid future discussions AND support requests AKA less work for Fairphone. :slight_smile:

EDIT: And yes I know we have a global pandemic right now. If that is the cause for the delay, just tell us that. :slight_smile: I would totally understand this.

Greetings,
JuengerJesu

Unfortunately, I cannot give an immediate response, but I have alerted the relevant colleagues and I will return to this thread as soon as I have more information to share.

No offense, but you already promised that on July 9th.

1 Like

I work in a company that develops software, so I know pretty well how developers work.

But in this case it is not about actual development, but rather implementing Google monthly security patches into an already existing OS. This should be monthly routine without too much effort.

Best wishes,
Thomas

4 Likes

Uhhh, comparing a small company like Fairphone with Nokia/Samsung? I am not sure if that’s a good idea.

Looks like they have a rough plan: At least on a quarterly basis.

Thank you @formerFP.Com.Manager for taking the time to respond in this thread. :green_heart: Although it might not be satisfying for everyone (which I can understand), it’s still highly appreciated to have a direct contact at all. You probably wouldn’t find that for e.g. Nokia/Samsung :wink:

6 Likes

cough-cough The latest update for the FP2 was …? (Solving: December 2019.) It has been one reason why I have switched to Lineage OS.

Software development needs money. I can only guess that Fairphone cannot invest into security updates every month.

1 Like

Coming from the life sciences, not software development, I’m not very well educated on this stuff. But I know a company way smaller than Fairphone that manages to get their security updates out on time so my first impulse is to be unwilling to accept company size as a reason for delayed security updates (emphasis on the “security” please).

Edit: Also I’ve seen this line of reasoning on diverse other occasions. I agree that the company size can explain why my phone is still on Android 9 (which I personally only give a little hoot about because of the dark mode). But security patches are another deal and even if the company size is the reason for the delay, that should get Fairphone thinking. Some day they will have to compare to companies way bigger or they will always stay small, that’s the market I guess (which is of course more complicated than just this one sentence but I believe that Fairphone has the tough job to compare in at least some aspects to the bigger guys there and in other aspects it already is better)

Edit 2: To make it as clear as possible, what’s the real deal breaker for me at this point is the fact that I don’t get communicated why I don’t have the newest security patch. I just get told to wait a bit more. I thought this was a small company so at least getting the reason for the delay shouldn’t be too complicated or am I not seeing something there?

Also I wish the company would’ve communicated the security problem themselves without enough users running wild.

4 Likes

I’m not sure I follow you, do you think Samsung / Nokia / etc have more people per phone model than Fairphone? Note that most Android Linux kernels are SoC specific.

This is rather a question of having the competence in-house.

Or a matter of money. Or both.

2 Likes

I guess the biggest problem is that there is no official statement on the Fairphone homepage (or shop page) and one has to contact support to get to know that currently the schedule is quarterly.

And I don’t think the size or money argument really counts if you look at the interval the company was able to support with the FP2: https://code.fairphone.com/projects/fairphone-2-official-releases.html (monthly with few exceptions for 2.5 years between 2016 and 2018; and then came the no longer supported by Qualcomm Android 7 which is something I can understand).
Again: I think it would already help a lot to just know why that is (seems?) no longer possible (COVID-19, work on Android 9 for the FP2 e.g. would be an understandable reason IMHO).

5 Likes

For those, who do not care about fair electronics but timely security updates, this is everything else but a sales argument for a Fairphone.

2 Likes

I am pretty sure that e.g. Samsung sells the total amount of phones that Fairphone has sold so far in a couple of hours (just my guess). So yes, they have the manpower and the money, it’s not a big issue for them. And if they encounter a lack of competency somewhere, they simply hire some more experts. For big companies being active in a broad range of areas, not caring too much about social or ethical standards or even sustainability, this is all pretty easily done.

Apart from that I fully agree with @Ingo: The problem here is probably more a lack of transparency in the end.

One last personal annotation (then I’m done with my sermon :wink: ): If I have to choose between an unsustainable, unfairly produced, super designed, up-to-date, shiny and cheap throw-me-away-next-year phone with security updates always released the next day after Google has released them and a Fairphone, with some issues, some edges, some problems here and there, then I don’t have to stress my brain one single second, cause it’s so obvious for me. I am super thankful that we have at least a tiny counter balance against all these irresponsible companies.

1 Like