Managing intrusive mobile apps

Mobile applications have become an essential part of our daily lives due to rapid digitalization. We use them for entertainment, productivity, socialization and many other purposes. However, the vast majority of mobile apps available today for download are not created with their users' privacy in mind. Hence, most mobile apps are collecting and storing large amounts of unnecessary and personal information from their users.

Users can protect themselves from being trapped in a sticky situation by knowing how to detect intrusive mobile apps.

As a precautionary measure, consumers should think about why the app has been made available and by whom. If an app has been made available by a well-known organization, then it makes good commercial sense to download. But if an app is made available free of charge by an unknown organization or for a frivolous purpose, then you should proceed with utmost care and ask yourself ‘why is this app being made available’ and ‘how does the organization that made it available profit from it’. If there is no clear and logical answer, then, if it for free, YOU are the product! Collecting and sharing personal data about you might be the only real purpose of making the app available. Let’s look at some more ‘details’:

Understanding App Permissions

A 'permission' in an app protects the privacy of the user of the app. Every app must include an 'app manifest' that, amongst other things, lists the permissions that the app uses.

Every mobile phone has an operating system, most commonly the Android operating system (Google) or the iOS (Apple) operating system. The vast majority of mobile phones are 'Android phones' and they have two 'permissions' categories:

Normal permissions

These permissions do not directly risk the user's privacy - for example, permission to set the time zone is a normal permission. If an app lists a normal permission in its manifest, the system grants the permission automatically.

Dangerous permissions

These permissions give the app access to the user's personal data in their mobile phone, such as contacts and SMS messages, as well as certain system features, such as the phone, microphone and camera. If dangerous permissions are requested, privacy laws do not allow the relevant personal data to be collected, used or disclosed unless the user gives explicit consent by 'accepting' the request for permission to do so.

How to look out for intrusive apps

To spot an intrusive app, go to the Google Play store, visit the permissions section and look for what dangerous permissions it requires and whether they are proportional to the purposes and functions of that specific app.

For instance, it would be excessive for a shopping app to request permissions to directly call any phone numbers and read your call logs. The same applies to an entertainment app if it requires access to a calendar when there is no relevance of a calendaring function to the purposes of that app.

Red flags

As a general rule, there are red flags of intrusive mobile apps that users can quickly identify in some cases. The biggest one, for instance, is if the mobile app asks its users for permissions for numerous functions i.e. camera or all phone contacts, without stating the purpose behind the need for these permissions. If a mobile app or company does not disclose to its users the purpose behind the collection and usage of the information they are accessing, generally, this implies that the mobile app is intrusive. The permissions that an app is seeking from its users should only be for functionality purposes.

Privacy Notice of Mobile Apps

As a further precautionary measure, it is recommended consumers read the privacy notice to figure out the permissions and access that they need to give to a mobile app developer or to know how the organization uses and stores their personal data when downloading free apps. This helps consumers to arrive at the decision to not download and use an app if the privacy notice is so complicated that they are unable to understand it or if they are worried about what it says about how the mobile app developer uses and stores their personal data.  For example, if the privacy notice states that the organization can share all of the user’s personal data with third party ‘business partners’, this typically means they can share the app user’s personal data with anyone whenever they feel like it. And you certainly do not like that!!

As mentioned at the beginning of this article, mobile applications have become an essential part of our daily lives due to rapid digitalization. We use them for entertainment, productivity, socialization and many other purposes. However, the vast majority of mobile apps available today for download are not created with their users' privacy in mind. In other words, be careful when downloading apps!!!

Feedback is welcome and can be directed to hjschumacher59@gmail.com

Show comments