As a longtime Android user with little hands-on time with iOS devices, the discovery that Path was uploading entire iOS device address books to their servers without confirmation or approval was shocking. I had assumed that iOS apps were almost entirely sandboxed, relying on things like Facebook Connect-style logins to join up with others playing online rather than being allowed address book access or the like, but apparently I was wrong.
The Android faithful have been thumping their chests over the fact that while nearly every Android application wants some form of your personal information in return for being free or nearly so, at least you have to OK this up-front before it is installed. And while some app developers address these concerns by listing exactly why their app needs these permissions, pride in this system of all-or-nothing permissions is for the most part misplaced. Almost nobody pays attention to these permissions, precisely because saying no means saying no to the entire app. Dangle something shiny enough in front of the user, and they will sign all of their personal information away for it.
The Vergecast podcast this week offered the flippant observation that people shouldn't get so upset about this kind of access: your personal computer's applications can read each other's data all they want without restriction, so why be so upset that phone apps can do it?
Dark humor like this masks an important and fragile distinction between computers and smartphones. The computer is a general computing device that can be audited and analyzed, its traffic and activity tracked, to ensure an application is behaving appropriately. Smartphones, for the most part, not only can't be audited this way; smartphone vendors, app vendors and the carriers themselves have a vested interest in keeping you from doing so.
Remind Me Again Why I Do This?
This vested interest has created a very dark underbelly that the public definitely does not like seeing, and that Path forced them to look at, however briefly. So much of what we do is tracked, collected, and sold (and probably stolen from badly secured locations all along that path). On Android, at least, so many users don't want to be reminded of how they click Accept at every opportunity.
When it comes to choosing applications I try to be careful. But as the mobile computing revolution rages on, I find myself sidelined by an overpowering tide of applications that need all of my data as the price of admission no matter how simple a diversion the app offers, be it slinging birds at pigs in glass houses or tapping residents of a virtual high rise.
It's not even just apps doing this to customers, either. Amazon's App Store very famously burst onto the Android scene by giving away popular apps to those who would install it and, incidentally, not look too closely at how it needs to run on your device. Researchers put two and two together and found that the Amazon App Store itself runs with system-level access and may be sending usability data and other metrics on potentially anything and everything running on your device – not just their apps – back to Amazon. I ran from the App Store and haven't looked back.
Don't Tell Me To Calm Down
And there are certainly apologists for the raft of permissions any given “free” or not even free app is asking for. DroidGamer's plaintive cry of “Everyone isn't trying to spy on you! Calm down!” is hideously naïve. With no clear way to monitor what the app is doing, we are asked to trust what the developer has done, trust their intentions, and trust they are able to store our personal data safely on their servers so it's not pilfered for other uses by other parties.
Really? You're asking me to trust someone that makes no money from me up front with my personal information, a very valuable asset?
Some developers may say: look, app costs are climbing, and the public doesn't want to pay what it really costs to make an app, so we subsidize it with advertising and other means enabled by mining personal data. This is an understandable argument, but it's also the polluter's argument. Developers are externalizing the costs of making their apps, subsidizing them by selling your personal information to third-party marketers in one form or another, directly or indirectly. It seems like the whole “app revolution” is built on pillars of sand, hiding the costs of app development and data services by selling personal data to cover them instead.
Where To Go From Here
Right now the best advice is to stay vigilant and resist the urge to install the next shiny thing that shows up on your friend's device. An Android Central post about app security has probably the sanest view of the current situation, recommending vigilance and asking for better permission descriptions. Is it too much to ask for a requirement that apps tell me in plain English exactly what they need from my device, and why?
It would be nice to get the ability to demo an app without giving it any of my data and then decide whether I want to pay with personal data or with real dollars and cents. It would also be nice to have the Android permissions system change to one where each permission could be granted or declined individually by the user, leaving it up to the app developer to make it worth my while to enable those permissions or features.
As with many other services that have marketing-related limitations and not technical ones, I say this: Please, just let me pay you for the service and we'll both be happier. You get paid, I get the service or app without feeling like your hands are emptying my pockets behind my back, and we both make out OK. Think about it. I'll be here if you decide to come back and make me an offer.