App Data Permissions Scrutinized; There's an App for That - Technologist
Technologist - The FindLaw Legal Technology Blog

App Data Permissions Scrutinized; There's an App for That

So, you want to play Angry Birds on your new Android handset. What information from your phone will the bird-slinging, pig-killing app access? Lets see: your location, your phone’s state, and oddly enough — access to SMS (text messaging). Why SMS? They need it to enable in app purchases.

That’s one example of one app which had an uproar back in 2011. Since then, apps have grown in number, functionality, and unfortunately in permission-seeking. Another example is Path, a social networking app that just settled with the FTC for $800,000 after it was charged with collecting information about children, some of which were under 13-years-old, reports Inside Counsel.

What's a world to do about pervasive permissions? After all, how in the hell do we live without such apps as Flipboard, Pandora, and OKCupid (so, so lonely)?

The FTC has a few ideas. They want express consent to each permission before an app is installed (that already happens on Android handsets). They also suggest using pretty icons for each type of transmission. After all, pretty icons are far more difficult to ignore than a thirty-word blurb about SMS permissions and in app purchases.

As Inside Counsel quite correctly points out, the FTC has no rulemaking authority. Their advice is merely instructive and influential. Still, if you are an app-maker, it's best to heed their advice. They do have some enforcement power over "unfair or deceptive acts or practices in or affecting commerce." Ask Path how limited the FTC's power actually is.

Whatever route is taken to solve the permissions problem, it's going to have to deal with the age-old shrinkwrap license problem. When most consumers buy a computer, they don't read Windows' end user license agreement (lawyers included). When they sign up for Instagram, they don't read the fine print until everyone else gets upset and the masses begin posting pictures of their angry Instagrammed faces.

The same problem persists with app permissions, especially on a first install. When you've got twenty apps to download and install on a new phone, you aren't going to read every app's permissions. You are going to install them in bulk, quickly, so that you can try out your fancy new gadget.

Until government regulation kicks in, or Google and Apple start policing permission abuse, you're on your own. Fortunately, there are two apps that can help sort through the mess. Avast Mobile Security handles Android anti-malware duties as well as permissions scanning. Another option is aSpotCat, which handles app permissions only.

Related Resources: