Mobile app permissions are a daunting problem: it’s difficult to know exactly what each app on your phone is doing, reading, or tracking when you’re not using the app. With the right combination of permissions, an app can have access to everyone you’ve talked to, everywhere you’ve been, and more. And even if you take a proactive approach to managing your apps, it might require toggling through a hundred different settings and options.
A group of researchers at Carnegie Mellon University say they’ve come up with a solution for app permissions, after spending the past few years researching mobile apps and consumer privacy preferences. The group, led by Professor Norman Sadeh, also the director of CMU’s Mobile Commerce Laboratory, just released an app in the Google Play Store called, simply, Privacy Assistant. The app only runs on rooted (jailbroken) Android phones, since it requires system privileges in order to work properly, but Sadeh says this is just a start in the group’s larger goals around privacy protections.
The Privacy Assistant app first takes users through a privacy preferences quiz, asking up to five questions around a person’s comfort level with social media and finance apps having location data, or how a person feels about productivity apps having access to contacts. Then the Assistant scans the code of the apps already installed on the phone, differentiating between apps that need permissions to work properly and those using data for advertising or analytics.
Based on all of that, it makes regular recommendations to either deny access to new apps or adjust the settings on existing apps for privacy settings. In early tests of the app, the researchers found that 78 percent of the privacy recommendations made by the app were accepted by beta testers.
Introducing another app to solve the problem of potentially overreaching apps might sound antithetical. But Sadeh says that the Privacy Assistant app was designed to do the heavy lifting for smartphone users, not add to the load of problems apps.
“The problem with app permissions is there is an unrealistically high number of them today,” Sadeh said in an interview with The Verge. “Even if you only have 60 apps on your phone and even if they require just three permissions each, that’s already 180 settings you have to configure. It’s pretty clear nobody has the time to do that, except for maybe a privacy advocate.”
App permissions have been a controversial topic in recent years, with much of the early attention focused on the language around Google’s Android permissions. Android and iOS now offer fairly similar controls around app permissions. But it’s not uncommon, during the installation of an mobile app, to see a request to access your phone’s location data, SMS messaging, microphone, or camera, even when the app doesn’t have an obvious need for that access.
Privacy advocates have long criticized mobile app permissions as being both invasive and opaque. In 2014, The Huffington Post inadvertently sparked an app permissions firestorm when it called Facebook Messenger’s app “insidious,” later issuing a correction to clarify that it was the Android-specific language around permissions that was so alarming. More recently, popular apps like Pokémon Go and the photo-filter app Meitu were widely criticized for invasive app permissions; in the case of Pokémon Go, the app requested access to your Gmail, while Meitu was pulling in phone identifiers like the IMEI (on Android only), as well as very specific location data.
To be sure, a lot of mobile consumers just hit “accept” and move on. The results of an internet survey conducted by Berkeley in back in 2012 showed that only 17 percent of participates paid attention to app permissions and just 3 percent could answer comprehension questions about app permissions. But, arguably, mobile consumers have grown much savvier since then.
Some developers say app permissions are somewhat of a necessary evil in the app-making world. The permissions may be required just to make the app work as it is supposed to; you can’t use a geolocation app without giving access to your location, for example. (In fact, during CMU’s own research, the group found that the main reason why people would re-allow permissions on their phones is because denying permission would break functionality.) Even the most well-intentioned developers might be compelled to request access to the data because they’re feeding it to analytics tools like MixPanel or Google Analytics to better understand how people are using their apps.
Intentions aside, the sheer amount of data shared through mobile apps is enough to make even the most laissez-faire smartphone user worried from time to time.
CMU’s Privacy Assistant app is somewhat limited in scope right now: it’s addressing data-sharing concerns around mobile apps only, and it only runs on rooted Android phones. But Sadeh says the bigger vision is to eventually apply this approach to a “variety of technologies” that we interact with.
“There’s a very strong reason to believe that the answers to these very same questions could predict how you want your privacy settings to work on your browser, or on Facebook,” Sadeh said. “There’s no reason why you should be entering your preferences over and over again.”