As privacy concerns loom around Internet and social media, a new study has revealed that applications on Android mobile platform seek over one-third permission for accessing personal data which is necessary for their core functionality.
Before using an app on mobile, the user has to give explicit permission using personal information to use the app or the service. The include permission to access the phone's camera, microphone, call logs, sms inbox, location and even read the contents on the screen in some cases. Users around the world have grown more vigilant over the last few years to personal data accessed by apps and website, which is also supplied to third party-services, in some cases, without the consent of the user.
According to an analysis by Arrka Consulting, a cybersecurity consultancy, on an average, an app seeks at least eight dangerous permissions from the user with the highest being sought by apps in communication, mobile wallets and shopping category. Dangerous permissions include permission to read and write external storage, view call, sms logs, review the contents of email and social media accounts. Apps that seek a lower number of sensitive permission are typically in the category of games, news and entertainment.
With more sophisticated smartphones and faster and cheaper internet, internet firms are using technology to gather more information about its users. The information they gather helps them better target ads and services. While it gives a better internet experience to users, security lapses in the past have shown that it is a highly sensitive businesses to be in. Last year, when Facebook revealed that Cambridge Analytics, was using personal data supplied by a dubious games app on Facebook for voter profiling, a massive debate sparked globally over internet privacy.
At the moment, almost 100% apps and websites send data to third party services, mostly to Google and Facebook. Arrka analysis also revealed that Indian apps seeks 45% more permission than similar global apps elsewhere. In categories like travel booking, shopping and mobile wallets, the difference is at least 1.6x to 1.8x times more permissions.
While there is plenty of dialogue going on and progress has been made on the policy and regulatory front, the average Indian organisation seems to be quite far from taking any concrete steps to translate privacy related concerns into specific actions on the ground. However, one specific aspect of privacy - that of the security of personal data - seems pretty mature, said the report.