Installing an Android app will, by default, grant the app no permissions to your system. What this means is the app can’t do anything particularly exciting. It might include a simple user interface and basic behavior. Maybe the app can function as a full calculator. But as the app begins to require more and more things from the phone, it needs to be able to ask permission from the user to get things done.
An example is the camera permission. No app can access your front- or back-facing camera without explicitly requesting this permission. This is a good thing, of course. You don’t want the app to how to spy on a cell phone remotely be able to take pictures of you without your knowledge. Another sensitive permission is the location permission, which lets an app know where you are in the world. Some apps have legitimate uses for the camera or location permissions, like taking photos or helping you navigate with GPS satellites. Apps might also gather location information for legitimate analytics, which is often done with the user’s consent.
But recently, lots of apps have been requesting a bunch of permissions that they just don’t need. Why would a game like Candy Crush need to be able to read through all of your contacts? For most of these games, it’s probably so you can invite friends or see who else in your friend group plays. It’s a great marketing strategy for the app developer, but is it in your best interest as a consumer? Probably not. When you face the pressure of wanting to install an exciting new Android app or game, though, you are probably going to be a bit more forgiving about what information you give to app developers. This creates serious concerns about your personal privacy.
Android is beginning to restrict apps’ ability to take this much action without explicit consent from the user. With Android 6 Marshmallow, apps request permission for certain features only when they need them. This means that the first time a particular app tries to save something to the file storage, or uses the phone’s camera, or tries to see what WiFi network you’re connected to, you’ll need to give it permission. And if you say no, instead of being unable to download and use the app, you will just lose access to whatever feature required these permissions. Sure, app developers can restrict large sections of an app to people who will not enable certain permissions, but the app developer probably won’t want you to uninstall the app completely.
Because of this, it is more difficult now for app developers to try to slip a bunch of superfluous permissions past you. Instead of asking for everything at once, you will be prompted to grant single permissions on demand, forcing you to pay more attention to what permissions you’re granting. And, of course, if you never use a feature that requires a particular permission, you don’t have to worry about the app taking control it doesn’t deserve to have.
Asking for this much information can drain your phone’s battery pretty quickly, too. There are plenty of accounts of removing Facebook’s Android app and seeing a massive increase in the amount of time the phone can stay alive before it needs a recharge. Most apps should only take up significant battery while they are actively running. Receiving notifications happens in the operating system, so an app does not need to be paying constant attention for notifications to be received. Facebook, requesting permissions for things like your call history and location, has a serious impact on the life of your device.
Keep track of what permissions you’re granting to applications. You don’t always know exactly what is going to happen with data that gets collected.