Do you review permissions before downloading an app? Have you ever wondered why a grocery app needs to read your SMS? Why should any application access your private photos or documents? In the name of convenience, users are being lured to give away sensitive information by app developers, particularly in the Android ecosystem. This serious threat to privacy is a growing concern for India.
In the recent years, India has witnessed a mass adoption of smartphones due to an influx of low cost phones and rising affordability. This has ushered a boom in the mobile application market. Several free apps have emerged in this arena, and most of the developers look at ads as the only means to generate revenue. To generate more revenue, app developers want to target users by providing specific information to them. For this, developers demand more information from their users, thereby raising concerns about user privacy.
According to research by IDC, Android has 91 per cent market share in the country, thus making privacy a pressing issue for Indian app users. Google Play store harbours more than one million apps and has hitherto seen more than 50 billion downloads. People concerned about privacy have long criticised Google for its lax security regime in comparison to Apple's app store.
However, before we delve further into the kind of privacy concerns, it is imperative to understand how app permissions are governed on Android. Before publishing an app, developers have to specify a list of permissions that control how they may access users’ information. When someone installs an app, they are presented with a list of required permissions. The app will get installed only if the user grants all requested permissions. Most users usually accept these permissions without understanding the reason behind why they are required.
More often than not, apps ask for more permissions than they really need. Several applications access personal information such as photos, documents, address book contacts, calendars, location details or other sensitive information, without any direct relevance in doing so. There is no reason for a game, or flashlight app, or a calculator to track your location, but many do. Many app developers often transfer users' contact list or address books to expand their customer base. A small percentage of the apps even access the calendar or meeting invites.
Users are unknowingly allowing companies to use their information for promotional and marketing purposes. It is alarming that some applications have more information about us than our closest friends and family. Think about the apps that request SMS access. These apps can peep into personal and professional conversations of their users. They even know the amount of money users have in their bank accounts!
Children are an extremely lucrative market for apps. Mobile games, especially targetting kids, extract enormous amount of data. In fact, these apps are obtaining information in ways that might be unimaginable to parents. Whether or not parental consent is taken before sharing information with advertisers is a highly dubious subject.
In the name of ease and functionality of fun mobile apps, people have already traded a vast amount of personal data. Moreover, it is unfortunate that many companies are more concerned about generating revenue than protecting user privacy. It is an ethical duty of app developers to take security in an important way and not make their users’ information vulnerable.
Creating a safe and secured product is not enough in today’s app ecosystem. Building the trust of app users is the only long-term solution to resolve the issue of privacy. Developers must clearly indicate the purpose behind taking each permission in the most detailed fashion. In no way must app publishers try to deceive their users or take permissions for doing something more than the declared function.
As a user, we must go through each permission request and understand the reasoning behind it. Permissions give an idea about what an application is asking for, and whether it is demanding more information than what is required, to function properly. Each time one updates an app on their phone, they must verify if the updates need additional permissions. In addition to this, one must check the developer’s website and see that it’s not just a blog. This is often a good indication of quality as well as safety.
People must take more informed decisions and be safe about their application usage, privacy, and data. Fundamentally, Android is a safe platform. Users can enjoy their devices thoroughly if they understand the platform better, use the product with diligence, and employ the right knowledge towards potential threats.
As a platform, Android must give the average user greater control over app permissions. With the release of Android M, we might see Google giving users more power and help create a more secure app environment.
Image Credit "ShutterStock"