Why apps ask for permission to access your smartphone


Smartphones are incredibly useful tools and entertainment devices.  They are also a gateway to a massive amount of our personal data. They can find out where we are, listen to us and see us, know who we talk to and what’s on our schedule. And, through apps, as downloaded to your phone through Apple or Google’s store, companies can leverage this information to provide us with services and them with valuable data.

Both Apple’s iOS and Google’s Android systems have evolved to contain very robust data permission regimes and, in general, apps ask your permission to access your data because they need it for one function or another.

But some apps do get out of hand, as was seen recently with a NSW government digital ID app that was supposed to replace plastic driver licences but instead appeared to ask for everything from location data to camera access.

It’s easy to see how the constant, seemingly intrusive data requests can play into the general user’s suspicions that their phone is spying on them.

So is it? How? And what can you do to outsmart it?

The NSW digital licence wanted access to lots of parts of your phone.

The NSW digital licence wanted access to lots of parts of your phone.Credit:AAP

How do I see which app gets what information?

When you install a new app, it’s common for it to ask for certain permissions. In the past, apps asked for everything they might possibly need upfront, but in newer versions of iOS and Android things are more segmented so they might only ask when they need access. For example a music app might not need any permissions upfront, but might ask for storage access if you want to download songs, or location access if it suggests playlists based on your activity.

On iPhone it’s very easy to see what categories of data you’ve allowed to be collected and by which apps, and you can revise your decisions with a tap. Just go to settings > privacy and then, for example, you could tap on “camera” to see all the apps that have ever asked for access to your camera.

Here’s how it looks on an iPhone:

For non-Apple phones, a similarly streamlined “privacy” setting screen has been added in Android 10 but on all recent versions of Android (at least from 6.0 forwards) you can see which apps have access to what data by navigating to settings > apps & notifications > app permissions. Note that the exact headings may differ depending on your phone.

Here’s how it looks on an Android phone:

If there’s one particular app you’re worried about, on iPhone you can go to Settings and scroll down until you see a list of all your apps. Tap one to see what data it’s getting and grant or revoke any permissions. On Android, you can just hold your finger on any app and tap “info”.

You can let your phone use your camera if you want to take a pic using, say, Instagram.

You can let your phone use your camera if you want to take a pic using, say, Instagram. Credit:Getty

How do I know if an app is overreaching?

As with the initial version of the NSW ID app, some apps will ask permission to all sorts of data that might not seem necessary for the app to work. Android and iOS do a decent job at explaining what the permissions mean, but explaining exactly why an app wants your data and how it will be used is left up to the app developers. Many don’t do a great job of this explanation, leaving it buried in privacy policies you have to seek out yourself.

A digital platforms report from the ACCC earlier this year found the current setup prevents users from making informed choices, or giving meaningful consent, when exchanging their personal data for access to services. Some of its recommendations to remedy this include the introduction of legislation that would bring Australia’s Privacy Act closer in line with Europe’s General Data Protection Regime, which would force platform-holders such as Facebook to be clearer when asking for you permission.

Until then, you should pay attention when giving apps data permissions, and think about whether it’s actually necessary. A good rule of thumb is that if you can’t work out why an app needs a certain category of data, revoke or don’t grant its access. In other words, if in doubt, just say no. If it does end up needing access (say, if you revoked Facebook’s access to your camera but then you wanted to take a photo of yourself with a dog filter), the app will prompt you to allow it.

Why do so many apps want access to my camera?

Camera access is one of the most commonly requested data permissions, and understandably makes some people wary. Do these apps want to surveil you without your knowledge? Most likely the answer is no. Realistically, this would be an expensive and dangerous exercise for any app and would provide little value for most.

So why ask for camera access? Usually the app has an element that lets you upload pictures (as with Instagram) or scan QR codes (those square black-and-white barcodes that give your phone instructions). Unless it’s an image-focused app, the feature that requires access to the camera is usually completely optional. For example, Google Maps uses it for a “Live View” feature that shows walking directions overlaid on the real world. So you can safely deny camera permissions for most apps.

iPhone apps including Twitter and Instagram.

iPhone apps including Twitter and Instagram. Credit:AP

Is Facebook listening to me for ad purposes?

Microphone access is another permission that gets people worried. Apple has included an OS-level feature that puts a bright red notification in the top left of the screen, specifically so you know if something’s recording in the background.

But you’ll most likely never see it unexpectedly because, again, the storage required to collect bulk audio data from your phone would be prohibitive for most apps. And, for Facebook specifically, it’s also totally unnecessary. You provide Facebook with all the data it needs to effectively target you for ads just by having an account, adding friends, browsing the internet and volunteering information by liking, tagging and scrolling. If you are worried, you should check if Facebook has permission to access your microphone. It does ask for it if you want to record video through the app.

If in doubt, don't give an app permission.

If in doubt, don’t give an app permission.Credit:Getty

Why do apps want to track my physical movements?

Your phone is connected to the internet and has a built-in GPS, movement sensors, potentially also a compass, which all makes it great at knowing where you are and when you’re moving. There are a huge number of applications for this data, from macro uses (Google Maps guiding you on a road trip) to micro (helping to calibrate a robot vacuum). Facebook wants to tie your posts to a specific location. Music and video streaming services want to know when you’re on the move to tweak services and recommendations.

It can be very useful, but it’s also information that people are extremely protective of. When it comes to location data, both Android and iOS allow you to grant permission “only while in use” so, for example, you can still have your location tagged when you post something on Twitter without letting the app monitor you all the time. Both systems also provide a switch you can use to completely turn on and off location services, and will remind you periodically if an app has been tracking you in the background.

As ever, apps are not obligated to tell you exactly what they do with the data in advance so if you can’t find a satisfying answer in its privacy policy, consider revoking the permission.

Is there a reason I get so many requests for Bluetooth data?

Apple has made a change in iOS 13 that requires apps to ask permission to access your phone’s Bluetooth capabilities. Some apps have a legitimate reason for this data – for example, Fitbit needs it to find and connect to your fitness tracker – but hundreds of others use it to track your physical location.

Loading

In particular, apps that sell you things or serve you ads have traditionally monitored Bluetooth to track when users are near certain beacons, which can tell them when you’re near their store or some other landmark. Deny this permission unless the app gives you a good reason not to.

In fact, Bluetooth scanning is such an effective tracking tool that Android has required apps to request location data permissions in order to access Bluetooth since 2015. For this reason and others, it’s a good idea to set most apps to “only while in use” when they ask for your location data if you decide to give it to them at all.

Are there any other permissions I should be aware of?

On Android, apps can request access to your phone calls, call logs and SMS messages. There are legitimate uses for this data, including identifying you to your telco or pausing certain actions when a call comes in; some games and fitness tracking apps do this. That said, you should allow this kind of access for apps only from companies you trust.

There have been examples of dodgy free Android games collecting sensitive information through these permissions — including phone numbers and IMEIs (the unique number that identifies your device to phone towers) — and selling them to spammers who’ll call or message you hawking their wares, or scammers who will try to defraud you.

Most Viewed in Technology

Loading



Source link Technology

Enter your Email Address

Leave a Reply

Your email address will not be published. Required fields are marked *