TECHNOLOGY
How to stay smart about Android app permissions
When it comes to Android and privacy, we’re used to seeing things go in a certain direction.
It’s actually very simple: with each new Android version, it usually becomes easier to manage your privacy and understand how your information is used. And we usually get more front-end tools and under-the-hood improvements that allow us to do things like that intelligently. Obvious, right?
Right of course. And that’s exactly why it’s so puzzling to see Google’s latest change being made to the Android privacy image — a change that feels like backwards progress and is a real disservice to those of us who care completely on the to be aware of what we put on our phones.
In case you haven’t heard, Google just rolled out an update to the Play Store interface that removes the long-standing option to see exactly what permissions an app needs before installing it. l noticed it the other day and thought I was going crazy (which, to be honest, is always an obvious possibility) – but then code-savvy superstar and Esper Senior Technical Developer Mishaal Rahman confirmed that the change was, in fact, really happening and not just a figment of my imagination.
The shift appears to be related to the launch of the Play Store’s new Data Security section, which Google introduced a while back but is mandatory for all apps from today. What, I mean, okay – I get it. Most average Android-owning organisms probably don’t look at the more detailed and technical breakdown of app permissions that often, and Google undoubtedly has a ton of data that influenced this decision.
Still, it seems like a step in the wrong direction to deprive all of us of the ability to see that kind of information and have an easily accessible objective view of everything an app wants to do on our devices.
So what’s an enlightened Android device owner to do except hope Google comes to its senses and brings that more granular information back into the picture?
Let’s think it over.
The Evolution of the Play Store and Android Permissions
Before we dive in, it’s worth zooming in to chew on what exactly changes here and what it actually means.
Traditionally, every Play Store app listing had a link to view the full list of permissions the associated app might need on your phone. That means you know exactly what kinds of data and parts of your phone the app wants to communicate with, and then make a proactive informed decision about whether that all seemed like a sensible situation to you.
That was then. Now you instead see a broader but also less convoluted summary of privacy-related information – which, it’s worth noting, is not automatically generated based on the actual behavior and capabilities of the app, but is instead up to each developer to report:
JR
On the one hand, that new Android Data Safety panel certainly provides a lot more context about what exactly an app does with your information and why, and it gives a slightly more English form than an average (alleged) human could actually understand. That is clearly a good thing.
But at the same time, the subjective, exhaustive, machine-generated facts about the precise list of Android permissions each app needs are left out and you’re instead forced to rely on the developer’s disclosures — which may or may not always be accurate. honest and complete.
In the case of Facebook, for example, the new Play Store Data Safety panel doesn’t mention that the app wants the ability to read your phone’s status and identity, view all network and Wi-Fi connections, to route the system , and to download files without any notice. Those details may not matter to everyone, but they sure seem important.
And those are exactly the nuances that are lost with this new approach.
The solution for Android permissions
So what’s the answer then? Unfortunately, it’s not exactly easy anymore.
One option that has been making a bit of buzz in Android enthusiast circles is the idea of downloading a third-party Play Store alternative called Aurora, since that storefront still lists specific app permissions. But there’s a catch: Aurora is an unofficially sanctioned and untechnically authorized Play Store alternative client. And that means you have to go into nature and install it from outside the Play Store – which (a) is hard to recommend on a broad level (especially if there are enterprise-related devices involved), and (b) opens up the door to some tricky terms of service, as Google doesn’t allow third-party apps to act as Play Store interfaces in that way.
Aside from that way to go, you have a few options worth considering:
1. Rely on a web-based Android app marketplace to reference an app before downloading it
A web-based marketplace called F-Droid lists lots of Android apps and makes them available for instant download – and it lists all the permissions an app needs in a clear and easy-to-find form.
JR
And while F-Droid is meant to act as a full-fledged alternative Android app market, you can just as easily use it as a simple reference point before normally downloading an app from the Play Store. It gives you a window on the app’s exact permissions ahead of time, now that the Play Store doesn’t.
The only downside, extra effort aside, is that F-Droid lacks many major app titles present in the Play Store. So there is a good chance that you will not find what you are looking for there. But it’s at least one option for a proactive approach in light of Google’s annoying change of permissions visibility.
2. View the permissions of an app right after you install it
This is really the best general answer for most people right now, even if it’s not quite optimal: after you install an app, it’s actually pretty easy to dig in and see exactly what permissions the app is capable of. is accessing your phone.
Just open your default Android system settings and look for the Apps section. Open it and look for the line labeled “See all apps.” Tap that bad boy and tap it right.
Then find and tap the appropriate app, then select “Permissions.” That will show you a basic list of core permissions the app needs – but to get the full unabridged list, you need to do one last step: tap the three-dot menu icon in the top right corner of the screen, then tap the all-important option “All Permissions” tucked away in that menu.
And with that, you are finally familiar with every kind of data the app might be able to see or interact with on your phone.
JR
Also remember that with more advanced and sensitive types of permissions, apps must explicitly ask for your authorization before they can act. So even if the app is installed on your phone, it won’t be able to do anything automatically, especially eyebrow raising, until you get a prompt and intentionally give it the green light.
This method isn’t perfect, and it certainly makes a lot less sense than being able to see all those permissions directly in the Play Store. But the information is still available, if you know where to look.
And when you combine this approach with the Play Store’s new Data Security section and all your basic Android app selection smarts, you’ve got an effective way to keep an eye on your apps and see exactly what kinds of information they’re up to. have access.
Want even more Google knowledge? Check out my Android Intelligence newsletter to get next level knowle
dge delivered to your inbox every Friday.
Copyright © 2022 IDG Communications, Inc.
