The digital rights group Electronic Frontier Foundation quickly hailed this new “awesome privacy tool.” “Want to install Shazam without having it track your location? Easy. Want to install SideCar without letting it read your address book? Done,” technology projects director Peter Eckersley said in a blog post about the feature.
But the feature turned out to be extremely short-lived: It was removed within a day of the EFF's post. Google reportedly told the EFF that the “experimental” feature was released by accident, and that it could break some apps. The EFF wasn't convinced. “We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it,” the organization says. “Many instances of apps 'breaking' when they are denied the ability to collect data like a location or an address book ... can easily be fixed by, for instance, giving them back a fake location, an empty address book.”
This week, the EFF continued its campaigning to convince Google to restore the feature. The digital rights group examined the privacy practices of 17 e-reading apps for Android, to determine which apps were requesting what kind of data. Some of the decisions by app developers make a lot of sense. For instance, 82% of the e-reading apps access users' battery in order to prevent the device from sleeping. Other decisions are more questionable: Twenty-four percent of the apps seek users' approximate locations.
“Unfortunately, Android permissions operate on a 'take it or leave it' model,” the EFF says. The organization adds that users who have installed specialized software, or rooted their devices, can better control privacy. More typical users are “out of luck,” the group writes.