Their reasoning is probably security. They're working under the assumption your app takes untrusted input in some way, maybe over the network. Which isn't a bad assumption, I mean almost all apps do. Very few apps are true self-contained applications, like a calculator.

So then if there happens to be some vulnerabilities in an older Android SDK then your app is susceptible. They could patch back security but that's expensive after a while. Easier to force app makers to update their apps.