Why Do Android Apps Request Access to So Much Data?

Why Do Android Apps Request Access to So Much Data?

If you’ve installed any Android apps lately, then you’ve probably noticed a wave of permission requests appear on-screen.

Facebook Messenger became notorious for its permission requests. It requests access to your contacts, SMS, phone, and much more. If you deny those permission requests, then you can’t install Facebook Messenger.

Why do Android apps request access to all your personal data? What are they doing with all that data? Why does this new weather app want to text my friends? The answers may surprise you.

It sounds a lot scarier than it is

The problem with permission requests is with Google’s app policies: not the app developers.

Specifically, apps must request permission for each part of the phone they use.

permission requests

No matter how they use that part of the phone, Google species the wording of the permission request.

In other words, app developers must declare which parts of the phone their app uses and they must use Google’s wording to phrase those requests.

That’s why say, Facebook Messenger, will have a permission request like this:

“Allows the app to take pictures and videos with the camera. This permission allows the app to use the camera at any time without your confirmation.”

When really, all that means is that you can take pictures from within the Facebook app. Facebook has to request the ability to take pictures at any time when really, the only way to take a picture is by explicitly performing that action.

Another excellent example of this is location-based apps. Many apps that use location also request access to your Wi-Fi signal and nearby Wi-Fi locations.

Why? They do this because Android uses Wi-Fi to monitor your location. Apps that use location also have to tag on this permission request.

Why Google needs to change its policies

As mentioned above, I feel Google is in the wrong here: not app developers. Why? For two reasons:

Reason 1) Because users are starting to become “numb” to all these permission requests

Every time you install an app these days, you see permission requests for a number of categories on your phone. When these requests first started appearing, some of us read through all of them. Today, some of us just glance through these requests or even ignore them altogether. We’re used to those requests being relatively innocent: which increases the likelihood that a malicious app will slip through the cracks.

google permissions

Reason 2) Because it bundles different permission requests under one umbrella

The other problem is that users have no way to differentiate between permission requests. For example, Facebook Messenger requests the following: “Allows the app to call phone numbers without your intervention”. That’s because Facebook Messenger lets you call people from inside the app. That’s a whole lot different from an app that will randomly dial people in your contacts without your intervention.

The iPhone method is probably better

Android already has a reputation as being tough on developers and this permission request mess doesn’t change that.

Many people prefer the iPhone’s method of permission requests: it pops a request on your screen whenever the app wants to access a certain part of your phone.

iphone method

Which method do you think is better?