Smartphone Apps Know Too Much. We Need to Fix Permissions

From Wired - April 14, 2018

Thanks to Facebook, app permissions have popped back into the public's consciousness again. Last month it was discovered that Facebook had stored the phone logs of Android users who opted into sharing their contacts in the days before Android 4.1 Jelly Bean. Then this week, during Mark Zuckerberg's congressional testimony, two representatives asked whether Facebook might be listening to private conversations through our phone microphones and using the info to serve up eerily specific ads.

Zuckerberg responded definitively to the questions about the microphone conspiracy theory (no), then felt the need to add that Facebook does have access to audio when people record video on their devices for Facebook. "I think that is pretty clear. But I just wanted to make sure I was exhaustive there," he said.

But Zuckerberg's do-si-do with Congress, rather than being clear or exhaustive, showed that people are still genuinely confused about what data their smartphone apps can and can't access. That's partly because of app permissions: They're oversimplified and designed to offer a minimal amount of information, right as they're asking for access to your data. And while they've improved just as apps have, it's not enough to match the sophistication of the data-gathering technology that now surrounds us.

It may seem obvious at this point, but mobile apps, not just Facebook, can vacuum up a crazy amount of data with every interaction. (Just look at what happens when you order a pizza, as illustrated by The Wall Street Journal). Both iOS and Android apps are capable of accessing your phone's microphone, cameras, camera roll, location services, calendar, contacts, motion sensors, speech recognition, and social media accounts.

Some of this access is necessary: a photo app doesn't work without access to a smartphone's camera, just like a ride-hailing app like Uber doesn't work without location information. Reject those permissions, and you'll break functionality. But sensor data could also reveal a lot more than some people realize, especially when patterns start to emerge.

One Android app developer, who requested anonymity to avoid speaking on behalf of his company, noted that once you grant location access, app makers are able to pull in bearing and altitude information in addition to single location objects. This means apps can know roughly which floor of a high-rise you live on. Ish Shabazz, an independent iOS developer, says that once you give an app permission to always have access to your location, there's an API to keep track of how frequently you visit a location. (On iPhones, this list is visible in Location Services, then System Services, then Significant Locations.)

"There are legitimate and friendly ways that this data is used," Shabazz says. "However, if you're nefarious, I'm sure that info could be used in non-helpful ways."

Amod Setlur, a former director of engineering at Yahoo who now runs a Silicon Valley analytics firm called Auryc, says one of his clients, a travel app, learned some interesting behavioral patterns about its customers based on how they were holding their phones.

"We found that during traffic spikes [in the app] at night, a lot of device rotations were happening," Setlur says. "They were starting like this, and then they would turn the phone like this. We realized that people were trying to plan their next trip, turning the phone sideways to look at photos, while they were lying in bed."

Those are just insights, the kind that make marketers froth, but there are the clear overreaches in apps, too: Path's unauthorized upload of people's address books to its servers; Pokemon Go's ability to see and modify nearly all information in your Google account; and Meitu's request for access to GPS and SIM card information. Usually it's around privacy violations like these, or around Facebook news, that app permissions get a fresh dose of attention.

App permissions are supposed to exist as the practical barrier between app makers and specific parts of your phone's data. A permission request from an app pops up, and it's on the smartphone user to decide whether to open that door. Sometimes they come with explanations; in fact, the app platforms encourage this. "It's a good idea to explain to the user why your app wants the permissions before calling requestPermissions()," the Android developer documentation says.

Privacy Rules

