So you got a new Android phone, and the glorious moment arrives after unboxing it – you go to install your first app from Google Play.

A notice pops up that says something along the lines of, “This app requires the following permissions,” and it lists ten permissions that make no sense.

Why would a social media app need to know if I’m on the phone or not?

 

Why does it need access to my storage media?

 

I recently got into app creation and management, which is something I’ve wanted to do for a long time. I find the entire concept of apps completely fascinating, and I decided to learn how to create one so I could launch it for my day job. I used a framework software that sets up the basic programming, and allows you to add functionality, and customization. It makes it a much quicker process to create and launch an app, and it costs far less for the end user, which is fantastic.

I created, designed, and finalized my app in under a week, with periodic downloads from my computer to my Android phone to bug check. I uploaded it to the Google Play store once it was finished, to confirm that it was safe to install for the general public, and was shocked.

Oddly enough, I found that my app, which I had created, contained a list of required permissions that I didn’t expect. I had created this app, and I knew exactly what went into it, so why was it asking for things like GPS location information, and other personal stuff?

 

First, let’s handle the app requiring call permissions – any app that is installed on your device needs to be able to get interrupted if you get a phone call. This allows your phone to bring up the incoming call screen without crashing, or otherwise borking, if you’re in another app. It tells the phone to hold the status of your open app while you’re on the phone. That’s a typical permission, and nothing that needs to worry you. Anything to do with phone status, identity, or making and receiving calls is likely attributed to a service that the app performs – for example, some apps allow you to make calls through software, such as Skype, or Google Voice.

Access to contacts / your personal information – also fairly innocuous, really. What this means is that you can use this app to send or receive messages, connect contacts between accounts and your phone, and just generally allow a seamless experience between your phone, and your social accounts. If the app doesn’t have any social aspect to it, it won’t need these permissions.

Your precise location – this makes total sense, if you think about it. Any app that requires your location information will need access to your GPS so it can tell you what you are asking. Want to use a map program to get somewhere, or find an address? Well, of course your phone needs to know your location, so it can provide directions. Social media wants this information to allow you to “check-in” when you visit a store, or restaurant. It means that you don’t have to manually punch in an address to get the information you’re after.

Network communication – if this app doesn’t connect to the internet as part of its functionality, this likely just means it serves ads. To get those ads, it has to connect to the internet, and communicate with the servers that send that information out. If the app has no ads, and it doesn’t otherwise require permission to connect to the internet, be a little wary.

Read, write, and delete storage media – this one confused me, at first. Why would any app need access to my SD card? It turns out, this makes total sense, too. The app in question is likely some sort of sharing community, like most social media, or has access to the cloud. In order to be able to post photos, videos, or voice notes to your social media account, or save it online as a backup, it will definitely want access to storage media on your phone.

Record audio / access camera – No, the app is not spying on you. This one goes hand-in-hand with the previous explanation. Any app requesting this permission is doing so because it needs your permission to be able to send that content out, whether it be to Facebook, Twitter, YouTube, or some other social media app.

In my opinion, the language surrounding app permissions needs to be revised. These permissions can sound Orwellian, to say the least. My advice is to use common sense when installing an app, and become familiar with the different permissions, and why an app would request them. A game may ask for access to your contacts, because it wants to manage who you’re inviting to play with you. If you’re installing a flashlight app and it wants to know your GPS location, consider the possibility that you’re actually in a horror movie.

Most apps approved for distribution in the Play store are safe, if only because any nefarious behaviour would get noticed, and quickly made public, by the technologically conversant. If you aren’t totally sure about something, your best option is to ask the developer directly – if they can’t or won’t answer your question, you may want to consider a different, less invasive app.

And always remember – in life, if you’re not paying for it, you are probably the product.

 

Questions? Let me know!