Smartphone apps: Is your privacy protected?

Are your apps putting your privacy at risk? We look at the dangers and solutions for Android, BlackBerry and iOS mobile platforms.

1 2 3 4 5 6 Page 3
Page 3 of 6

Before you download an Android app, you're shown a list of permissions the app requires. Android has broad categories of permissions, such as "Network Communications," and "Your Personal Information." Underneath each of those broad categories are finer levels of permissions, such as "Read browser's history and bookmarks," "Read contact data" and "Write contact data." These finer-grained levels of permissions are what you should look at before downloading an app.

app privacy
When you install an Android app, you get a list of permissions.

So which of the permissions should you check? Some, such as "Prevent phone from sleeping" have few, if any, privacy implications. But others you need to look at more closely.

Services that cost you money

Two subcategories of permissions could present problems: "Make phone calls" and "Send SMS or MMS." If an app can make phone calls, it could call a 900 number that charges you money, without your knowledge. The same holds true for sending SMS and MMS messages to services that charge you money. If you encounter a problem related those capabilities, you could end up spending several hours working things out with your carrier.

Your personal information

The "Read contact data" permission presents obvious privacy issues, because it means the apps can view all of your contact information. Keep in mind, though that plenty of apps legitimately need this permission in order to work -- examples include social networking apps, communications apps such as Skype and many others. The "Read calendar data, write calendar data" permission presents similar privacy issues.


The "Modify/delete SD card contents" permission creates obvious potential privacy risks, because it allows the app not just to write information to your SD card, but to read information from it as well, including your photos, music and more. Plenty of apps legitimately need this permission in order to work, such as camera apps, music apps, file management apps and others.

Network communications

The "Full Internet access" permission grants exactly what it says: Full access to sending and receiving data and making connections to external sources over the Internet -- without your knowledge. This is the holy grail for malware and privacy invaders, especially when combined with other permissions, such as "Read contact data," because a malicious app could send all your personal information to a server somewhere, and you wouldn't know it.

Keep in mind, though, that as a general rule, many apps ask for this permission, even though you can't see an obvious reason for it. The game Angry Birds, for example, requires this permission. So merely asking for it is no obvious red flag. However, if you're downloading an app that has rarely been downloaded, has gotten few reviews, and has no obvious reason to ask for that permission, you would do well to think twice before downloading it.

Phone calls

The "Read phone state and identity" permission is a commonly used one because many apps need to know when there's an incoming call. However, this permission also lets an app see your unique phone ID, which can then be used to track you. So if there's no apparent reason for an app to ask for this, and it asks for it, stay away.

Your location

The two location-related types of permissions that apps might request could both invade your privacy. "Fine (GPS-based) location" uses your phone's GPS technology to determine your location precisely. "Coarse (network-based) location" uses Wi-Fi and cell towers to determine your location; it's less precise than the GPS setting. Any location-aware app requires these types of permissions in order to work. If there's no clear reason for an app to ask for this, you might want to stay away.

System tools

Look out for the "Read system log files" or "Read sensitive log data" permissions. Some apps will need these permissions in order to work -- for example, on a Dropbox forum, a staff member wrote: "'Read system log files' is used for crash analysis, so that, if the app has a Force Close, we can determine what the problem was and fix it." But keep in mind that Google says that entries in log files "can contain the user's private information."

Check existing and updated apps

Unfortunately, there's no way for you to know whether apps are indeed sending your info to third parties. You may or may not see more targeted ads on your phone, you may or may not see more spam, etc. There's simply no way to know when the information is being gathered or what's being done with it.

Checking permissions before you download an app can help you vet apps you haven't tried yet. But what can you do about the apps that are already on your Android device? There's a simple way to check their permissions. Tap the Menu key, then select Settings -->Applications -->Manage Applications and tap any app. Scroll to the bottom of the screen and you'll see the Permissions area, which tells you which permissions each app uses. Uninstall any app that concerns you.

In addition, if you're worried about apps tracking your location, you can turn off you phone's location services. Tap the Menu key, then select Settings -->Location & Security. In the My Location section, uncheck the boxes next to "Use wireless networks," "Use GPS satellites" and "Enable assisted GPS." That will turn off all location tracking, but you also won't be able to use any location services. You might consider turning off location tracking, but then turning it back on when you want to use location services.

You can make this process easier by installing a home screen widget that lets you turn services on and off. Many, if not all, Android phones come with a Power Control widget; there are also apps that provide additional functionality, including Dazzler Configurable Switcher, Mini Info and SwitchPro Widget.

Also, keep in mind that when you update an application, the permissions for the updated app aren't necessarily the same as the previous version. Developers can change the permissions. So examine the permissions for the updated app as if you were downloading it for the first time.

One final thing you should do if you're concerned about privacy invasions: Read the reviews on the Android Market before downloading and see whether others have complained about privacy issues. Be wary of apps that have gotten few downloads and few reviews. It's not that they're necessarily less safe, but with no significant reputation to go on, they're harder to check out.

Preston Gralla

1 2 3 4 5 6 Page 3
Page 3 of 6
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon