Android Updates Permission Changes: Is Your Info At Risk?

While automatic app updates are certainly convenient, a recent change made by Google developers may also make them a lot riskier. When an app is updated, the user no longer will receive details on any changes to the app’s permissions, which means that your apps could gain access to new types of data on your device without your knowledge.

The Risks

In some ways, this change does  make things a bit easier on the average user, who may have been overwhelmed by the extra detail, but this streamlining does come at a cost. As long as all of the permissions modified in the update are in the same categories as any current permissions, the user does not see any immediate difference in the permissions display. In a way, this gives the user a bit of a cushion from some of the risk because there will  be a notification if a permission in a new category is requested, but some important permissions changes may still be hidden. Here is one example, as reported in an article on Ars Technica: “For example, an app that previously tracked only coarse GPS coordinates would warn users if an update would begin receiving fine coordinates.”

Obviously, a change like the one described above is absolutely crucial to the user’s sense of safety and security, as the developer behind one of these apps could easily acquire the ability to pinpoint the exact location of the user without any express notification, provided the app has already added permissions in that category. On a larger scale, this could lead to developers adding seemingly “harmless” permissions as a way to get their foot in the door, so to speak, and start acquiring some of that more sensitive information. A user who doesn’t understand this risk would be quite easy to victimize in this way. Even if an app developer updates permissions for good reason or with good intentions, a user should still have the right to know what this means in terms of the access that particular app has to information on the device.

What You Can Do

So, how can you protect yourself from accidentally giving away sensitive information through one of your apps? The easiest way is to keep track of the permissions of every app you download. Though these details are not provided via a notification, they are still accessible through a little effort. In the new Play Store, there is a new “additional information section” which includes a “permissions” link that will provide more detailed information about an app’s specific permissions. Of course, you should also always make sure you are only downloading apps you trust and be sure to take note of any app that start behaving strangely after an update. Once you learn how to navigate the specific details about your apps, this new permissions change, while potentially dangerous, should not put you at any extra risk. If anything, this may serve as a reminder that although apps are meant to be convenient, and this type of information is overwhelming for the less tech-savvy among us, we should always be aware of the specific actions of the applications we use and responsible for protecting our own information.