Friday, 12 March 2021

Don’t just “agree” for all app permissions. Here’s why!

 Mobile apps have changed our lives in countless ways. From ordering food, booking movie or flight tickets, checking account balances, buying clothes or communicating with others- you name it and we have an app for everything. Technology has improved our way of doing daily activities by making things easier. We can’t imagine going back to the age without these applications now.

We do everything and anything in our apps but have you ever thought about the risks we expose ourselves while downloading these applications. Have you ever noticed the permissions you need to agree to before downloading an app? Or you just click “agree” in a hush.

These permissions can violate your privacy and also pose a serious potential threat where they can access all your personal data and content stored in the phone like photos, contacts, chats, calendar data, notes, storage etc.

Although India has more than 300 million mobile internet users, lack of awareness of app-based security and privacy issues is a concern. Indians download numerous apps each week providing various permissions unknowingly to companies. According to experts, while such behavior is understandable, however, such ignorance poses great threats to users.

In one of the reports, communication apps managed the worst, seeking 14.5 dangerous permissions on average, closely followed by finance apps that include mobile wallets, also seeking 12.5 dangerous permissions. Even the shopping apps seek 10.8 dangerous permissions making it riskier for the user. In the same report “while the type of top dangerous permissions accessed remains the same in India and the US, the percentage of apps accessing these permissions varies greatly,” adding that Indian apps access dangerous permissions 3.5 times more than US apps. This clearly indicates the extent to which immoderate permissions are taken by Indian apps.

For instance, if you have downloaded Flipkart on your phone, it has some non-core permissions like access to your device and app history, flashlight, and camera. If you have Ola it has access to your contacts, storage and media files. Apps like these know your exact locations, your house number, apps that you frequently use, details of your email account, restaurants and movie halls you frequently visit and way more things. Is that what you really signed up for. Well, yes, when you clicked on the “agree” button.

You must be proactive while accepting the terms and conditions and not blindly agree with anything and everything you are asked. When you let these mobile applications access more data on your phone that required you basically to expose your personal information to security risks. Hackers can leverage the poorly written code of these applications to gain access to a user’s phone or data.

Related post: Unauthorised Transaction from Bank Account: Here’s How to Get Your Money Back


The threats that may arise due to a lack of awareness are countless. For instance-

Privacy threats:

A shopping app might access your camera and the reasonable answer for such permission would be based on the fact that lots of these apps allow you to search for items through pictures or through barcode scanning. However, many such apps ask for permissions unnecessarily which have no relevance to their function. For example apps like camera flash as torchlight or your phone as a mirror are supposed to have basic functions- for lighting up phone’s LED as flash or turning on your front camera. It is absolutely unnecessary for such apps to have access to your messages, contacts or personal data.

Data / Battery threats:

Various applications keep running in the background resulting in continuous data usage. Shopping apps keep pushing their offers which include an image, a status bar and messages. These ‘push notifications’ utilize a lot of internet data as well as phone battery for such downloads and updates.


Things every user must do before unwittingly granting permissions to apps

1. Always take a proper glance at the policy before accepting it. We all agree to just clicking agree at the end of the disclaimer, however, you must always try and give one proper glance before agreeing to the terms and conditions to avoid giving unnecessary access to apps which might result in the violation of your privacy.

2. Do not install unknown or suspicious apps. Also, avoid downloading apps from unknown sources. You should only download apps from the play store (android users) and app store (iPhone users).

3. Certain precautionary settings changes can be activated to protect your privacy. For instance browsing in incognito mode, or by deactivating your location, or disallowing access to contact list, etc.

However, certain apps require such access. For example, taxi service apps would become meaningless without granting them access to the location.

4. You must critically examine permissions that an app asks for. If you come across permissions that sound unusual like asking for permission that has no relation to its function- avoid it, especially its asking for your contacts, phone, camera, location.

5. Before downloading any app, it’s always better to look at its rating. If it’s below 2 -2.5 on the scale of 5, it’s always advisable to avoid downloading such apps. You can also go through the reviews of the apps so that you have a better understanding of the app and that it’s not a fake app that might spoil your phone.

No comments:

Post a Comment

Nathulal v. State of Madhya Pradesh AIR 1966 SC 43

 Nathulal v. State of Madhya Pradesh AIR 1966 SC 43 CITATION AIR 1966 SC 43 COURT Supreme Court of India JUDGES/CORAM Justice K.S. Shah and ...