There are now well over five million different apps available between the App Store and Google Play. Many of them are obviously of utility and quality, most request access to core phone components upon installation.
We’ve all been there. You download a game to unwind, but it asks for your location, microphone, and possibly even contacts. Our phones have become digital assistants, recording data from our location and internet activity to our contact lists and health information. This data collection, often fueled by what we can call “data greed,” raises concerns with apps seemingly demanding access to far more information than they need to function.
With so much data greed coming from applications, there must be a dark lining behind, and it should be worth knowing exactly what we are giving away under the name of privacy.
Here is what you might want to know.
Why Do Apps Need So Many Permissions?
Now, of course, there are logical reasons for some permissions an app asks. The ride-sharing app would probably want to locate you and get your destination, but why would a photo-editing app want to access your microphone? Here are some of the more critical permissions you might be giving:
- Location: Totally reasonable for ride-sharing, maps, or weather apps. Less so for a game or a static noise generator.
- Camera: Totally reasonable for photo and video apps. Less so for a flashlight or calculator.
- Microphone: Totally reasonable for video calls or voice recording apps. Less so for a shopping list or to-do list app.
- Contacts: Needed for social media or communication apps; not needed for a game or music player.
- Storage: Essential when doing photo-editing or handling applications that keep and load large files. Suspicious of games that don’t allow you to save your progress.
The Effects of App Permissions on Privacy and Security
Permission requests themselves aren’t inherently bad. Apps need access to various functionalities to work. However, their implications for privacy and security are significant.
On the one hand, many applications request overly broad and irrelevant access permission to their fundamental corpora. For instance, does a recipe app really need to have access to your contact?
Such malicious apps try to sneak in excessive requests with expected requests to collect data and send it to their creators or third parties. Apps downloaded from suspicious sources pose a greater risk, but even the most verified apps you get from official stores can pass.
On the other hand, even the legitimate apps keep demanding ever more dangerous permissions. This is a direct consequence of the rise in complexity and integration.
Consider some of the most popular and best-rated cycling apps. Asking for access to the phone’s accelerometer and gyroscope, GPS, local data for map storage, the camera, or contacts – from the social media apps – that you wish to share your rides with – isn’t weird.
However, excess data use in these services depends easily attainable permissions that heighten vulnerability to an app. The more intricate the app, the more intricate its security loopholes are left unplugged. The impacts that data breaches have on security, privacy, and trust also become more severe with amassing user data.
Another problem brought about by the granting of permissions is permission creep. It is common to find applications that come in offering some limited, defined function but eventually sprout additional functions as they develop and gain popularity. People tend to give new permissions without thinking twice to continue using those apps.
How Do Developers Address Permission Challenges?
A little transparency can be the best way to build trust toward meeting emerging challenges to privacy. A privacy policy of an app should be in small and basic language, so that it can point exactly towards the type of data that the app gathers and why.
Apps must explain what they need access for, to whom, and why particular segments of your phone are needed. Further, it is best to try to maintain any app with the fewest required permissions needed in order to simplify things.
If the apps are supposed to collect data from the users, it must go through the process of anonymization. This ensures that at the end, the data do not contain particular points that can be used to identify people. Last but not least, developers must respect regulations and laws like the GDPR. This allows users to opt out of any data collection as well as review, change, or remove information already collected.
What Can The Users Do Themselves?
Users can deal with overreaching requests for permissions for apps in a few different ways. Among easier ways, there is the limitation of the number of applications found in the phone and the reassessment of the permissions for old and new ones. Avoid sites and sources of software applications of the third party. Scroll mixed and negative reviews at stores to avoid downloading legitimate but perhaps problematic applications.
It is also a possibility to erase some of this data collected by third parties. The fastest way to do this would be to use data removal services like Incogni.
Practicing the fundamentals of cybersecurity works just as easily. It is more difficult for dubious permissions to have an adverse effect on up-to-date phones with operating systems and anti-malware software. Furthermore, new updates can allow you to tweak app permissions more granularly.
Some malicious applications can request access to the browser. They can copy all saved passwords or, to the contrary, in the case of keyloggers, catch entered authentication codes, etc. Password manager applications store data in a special vault, where the stored credentials are encrypted by advanced encryption algorithms. Installing the manager’s mobile browser extension enables the logins to be filled in automatically without being exposed. Easily get a password manager for your Android, iOS, and other widely used operating systems and use across devices.
It is important to regularly review the apps on your phone and remove those which you don’t need anymore. Additionally, you can also delete applications that have not been updated for quite some time. You would also want to encrypt important data and take it back up to some external source like cloud storage so that you can still access it even when your phone is compromised.
Taking Back Control: How to Manage App Permissions
You don’t have to be donating data to every app you download! Here’s how you can take back control of your privacy and manage those data-grabbing permissions:
- Review Before You Allow: Don’t just blindly hit “allow all.” Take a minute to read through the requested permissions and only grant those that seem genuinely necessary for the app’s function.
- Android vs. iOS: Both these operating systems let you set and control permissions, with just a slight difference. Android ⏭ Settings ⏭ Apps & Notifications, while on iPhone, it’s Settings ⏭ Privacy.
- Revisit and Revoke: Of course, you’re not making any agreements for forever by permitting an app just once. You can actually revisit and take back access for any that seems to be overreaching from the permission settings.
Empower Yourself: Understanding Endangered Data
Knowledge really is power, especially when it comes to your own data. So, read the privacy policy. A good app will have a privacy policy that outlines what data is collected and how it is used. It may be dry reading, but it really might be an eye opener.
- Seek alternatives: If app permissions are overwhelming with an app you have found, most likely, there is an identical application out there that values people’s privacy and requires less. Do a quick web search to know the alternatives.
- Pay attention to third-party apps: Majority of the apps share your information with third-party companies. Pay attention to those who seem to offer no or very minimal information on their data practices.
App Permissions FAQs
- Can an app permission be switched off after granting it?
Absolutely! App permissions can normally be found in your device settings in almost all operating systems.
- Can the app do anything if permission is denied?
The app might stop working, or some of its functionalities might be disabled. This usually represents a fair trade-off in small collateral damage for heightened privacy.
- Can we trust the permissions the apps are asking for?
There’s no way to know for sure, but checking out the reviews from trusted sources will give an inkling into its veracity. Needless to say, if it smells fishy, then it is most probably on the suspicious side.
What happens if I deny an app permission?
Most of the time it will still be usable. For instance, disapproving the map app’s access to location will not turn on turn-by-turn navigation but able to view maps in general.