Content
Skip to Main ContentAccessibility Help
Spark

How to make sense of app permissions

You want access to what?
CBC Radio ·
Most apps aren't as direct as this one from Bunz Trading Zone. It's often unclear what an app will do with your personal data once you agree to give it access. (Bunz Trading Zone )
Spark10:11How to make sense of app permissions

This story first aired in January, 2016.

You know when you install a new app on your phone, and you see a request from that app looking to access some of your information? Maybe a messaging app wants access to your contacts, or a check-in app wants your location. But just how often are they using this data, and what are they using it for exactly?

Serge Egelman is a researcher at the International Computer Science Institute at the University of California at Berkeley. Egelman, along with colleagues at Berkeley and the University of British Columbia, studied how often our phones track us, particularly when we don't expect it. To do this, they set up a set of Android phones to log each time an app accessed personal information on the phone's, and gave them to a group of participants to use.

In most cases, when you download an app, or use that app for the first time, your phone will let will let you know what personal information is being accessed. Egelman and his colleagues found a shortcoming with this system, in that, "...once users grant applications access to this data, no one really has a good sense of how often the applications will use this data in the future. That's because once you grant the request the first time, the application has the ability to access that data indefinitely..." When they questioned the study's participants at the end of the process, they found that most had no idea how frequently apps were accessing personal data from their phones.

If the problem is that these apps are constantly accessing our information without us knowing it, the alternative, receiving constant notification of everything our phones are doing, doesn't seem so great either. It's an idea that those iconic Mac vs. PC ads poked fun at.

According the Serge, finding a balance is actually a very difficult problem.  He says that, "...users aren't asked to give permission in the cases that they necessarily care about. They see prompts too frequently for cases that are seemingly benign, to the point that, when they see something that might ber questionable, they've already become habituated to seeing these prompts."

The ideal solution, Egelman says, will be a system that is able to learn which permissions are important to us, and which can be ignored. But until then, if these companies want to alleviate our concern, the best solution is simply to be more transparent about what they do with our information. As it stands, "...it's very opaque...whether location information is going to be used because the app has some location based feature, or if that is solely being used to track you for ad targeting purposes." 

Thank you to Bunz Trading Zone for allowing us to use an image from their app in this post.

More from this episode