In response to the uproar over how mobile iOS applications have had access to address-book data without having to inform the user, Google (NSDQ: GOOG) was all too happy to confirm Wednesday that its development model for Android applications makes it impossible to share personal data with an app developer unless you agree to do so before installing the app.

Tim Bray, Google’s head of Android developer relations, addressed Android’s take on the Path-inspired mess that forced Apple (NSDQ: AAPL) to acknowledge that it should have done a better job policing apps that uploaded address-book data from users without explicit permission. “Reading contacts on Android requires explicit OK,” he said on his Twitter feed, pointing to two Android development articles that address how Android deals with granting permission to access personal data.

A Google representative confirmed that Android can’t access any personal information on a user’s handset unless the user consents before the app is installed through any means, whether through the Android Market, a third-party app store, or side-loaded onto a phone. “A basic Android application has no permissions associated with it, meaning it can not (sic) do anything that would adversely impact the user experience or any data on the device,” Google wrote in one of the development articles cited by Bray.

When an Android user goes to install an application, they are presented with a list of permissions that the app developer has requested the user grant the app for various reasons, most of which are benign. For example, when you try to download Path on Android, you’re asked to confirm that you’re willing to allow the application to “prevent phone from sleeping,” access “coarse (network-based) location, fine (GPS) location,” and “read contact data.” The more detailed description of that last permission says that you’re allowing “an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people.”

Unless you agree to grant the app all of those permissions, you can’t install the app. “No checks with the user are done while an application is running: it either was granted a particular permission when installed, and can use that feature as desired, or the permission was not granted and any attempt to use the feature will fail without prompting the user,” the company said in that article. (emphasis Google’s)
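The install-time model described above, shown from an app's side as an added example (not code from the article or from Google's developer docs); it assumes the pre-Android 6.0 model the article describes, where the only way to obtain contact access is the `<uses-permission android:name="android.permission.READ_CONTACTS"/>` line in AndroidManifest.xml, and the class and method names here are hypothetical:

```java
import android.Manifest;
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PermissionInfo;
import android.database.Cursor;
import android.provider.ContactsContract;
import java.util.ArrayList;
import java.util.List;

public class ContactsPermissionDemo {

    // Returns whether this app was granted READ_CONTACTS when it was
    // installed. Under the install-time model there is no dialog to show
    // later: the answer is fixed at install and never changes at runtime.
    public static boolean canReadContacts(Context ctx) {
        return ctx.checkCallingOrSelfPermission(Manifest.permission.READ_CONTACTS)
                == PackageManager.PERMISSION_GRANTED;
    }

    // Counts contacts on the device. Without the manifest permission the
    // query does not prompt the user; it throws SecurityException, so the
    // caller checks canReadContacts() first and fails explicitly.
    public static int countContacts(Context ctx) {
        if (!canReadContacts(ctx)) return -1;   // permission not granted at install
        Cursor c = ctx.getContentResolver().query(
                ContactsContract.Contacts.CONTENT_URI,
                new String[] { ContactsContract.Contacts._ID },
                null, null, null);
        if (c == null) return 0;
        try { return c.getCount(); } finally { c.close(); }
    }

    // Reproduces the install screen for an already-installed package: each
    // permission it requested, with the label and the longer description
    // the article quotes for "read contact data". Useful for auditing what
    // an app on the device can reach without asking again.
    public static List<String> describeRequestedPermissions(Context ctx, String pkg)
            throws PackageManager.NameNotFoundException {
        PackageManager pm = ctx.getPackageManager();
        PackageInfo info = pm.getPackageInfo(pkg, PackageManager.GET_PERMISSIONS);
        List<String> out = new ArrayList<String>();
        if (info.requestedPermissions == null) return out;  // "basic" app: no permissions
        for (String name : info.requestedPermissions) {
            try {
                PermissionInfo pi = pm.getPermissionInfo(name, 0);
                out.add(name + ": " + pi.loadLabel(pm) + " / " + pi.loadDescription(pm));
            } catch (PackageManager.NameNotFoundException e) {
                out.add(name + ": (permission not defined on this device)");
            }
        }
        return out;
    }
}
```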

There’s still the matter of how those applications store data that users have agreed to share with developers, as Twitter raised a few eyebrows by asserting it would store address-book data shared with its service for 18 months. Google responded to those inquiries by pointing to a blog post from 2010 that declared “if you have to handle user data, ensure that the data remains on the device whenever possible. … Sending data outside the phone, even if done for the user’s benefit, tends to draw suspicion.”

To be clear, those are merely guidelines: the free-for-all environment that is Android development means that anyone can create an app that sends data off a device without encryption, even if Google frowns on such practices. Android users are much more susceptible to malware than iOS users, especially if they don’t read the fine print associated with those applications. And if you’ve rooted your device, you’re kind of on your own.

Still, it seems that assuming they actually read the permissions screen provided to them before they install an app, Android users shouldn’t be surprised by what their apps know.

  1. Adam Fitzgerald Thursday, February 16, 2012

    Reading contact data for use in-app is not the same problem as sending it off to a server and storing it. Not even close. I don’t see why Android is in the clear here for their permissions system. It’s nice, but it’s not much better.

    1. It’s better in that you can’t be surprised by anything the app does in terms of collecting information. Once you’ve agreed to share the info the app can still handle it in a shady way, but the app can’t gain permission to access that data unless the user has explicitly agreed to share it by installing the app. Until Apple fixes the iOS issue, apps can access your address book data without having to ask you first.

    2. Wait, what? Not asking for permission to share your data at all, and just doing so, is not much worse than apps explicitly needing you to take a physical action to grant the app permission on an app-by-app basis? I would love to hear your thoughts as to how you come to that conclusion. It is absolutely better, in every way, shape, and fashion.

      It’s the only logical choice, in fact. Ask the user permission, always. This won’t stop stupid people from doing stupid things, but at least it stops stupid things from happening without your expressed consent.