Those smart guys at Carnegie Mellon University have been taking a real close look at a whole stack of Android apps and checking out their privacy-related behaviours.
Smartphones contain a ton of personal info: emails, contact lists, location, call logs, photos, social networks, etc and all apps access this data to a greater or lesser degree.
Using their own privacy ‘model’ the CMU team have come up with a grading system which measures the gap between people’s expectations of an app’s behaviour and the app’s actual behaviour.
So, for example, you’d expect Google Maps to access your location data, right? But why the heck are games like Fruit Ninja using it?
Having first ascertained what data each app requires access to, the team then did a series of surveys to determine people’s expectations of what data an app should have access to. Subjective maybe but it does gives as good an indication as you can probably get.
Check out the PrivacyGrade website. It makes interesting reading…
At the moment they have only looked at free apps and it is probably true that paid apps will be far more privacy concious.
Also remember, that if you are really concerned about a particular app there isn’t a great deal you can do other than delete it or find a replacement. But we think it’s a great idea to have this kind of privacy scrutiny out there so we welcome the CMU team’s efforts.
Of course there are a few apps out there already which will check ALL your apps and notify you which permissions they require. Apps like Snoopwall’s Privacy App and MyPermissions’ Online Privacy Shield spring to mind.
But these apps really only tell you which permissions your apps require and then ask you to trust (or not) the app or uninstall it. Neither allow you to restrict permissions on a per-app basis.
Google themselves introduced App Ops in Android 4.3 which did allow you to do this but they kept it hidden and now seem to be backing away from this functionality (it’s even harder to get at in later releases).