Android 4.4.2 removes hidden App Ops privacy feature, EFF grills Google about it

December 13, 2013
29
318

app-ops

When Google released Android 4.4.2 a few days ago, it removed a hidden privacy feature called App Ops – many of you may know about it, while others may read about it for the first time – which was available on Android since Android 4.3, and now the Electronic Frontier Foundation (EFF) wants it back.

The app allowed users to better control what kind of data Android apps can have access to and/or collect, assuming that users knew about it and how to activate it. Despite being discovered for quite a while, App Ops was never an app that was immediately available to Android users – in other words, if you didn’t know about it, chances are you wouldn’t have discovered it and used in the first place.

Google apparently told the EFF that the app was released by mistake and that it could break apps if still left inside the OS. However, that’s not necessarily a great argument for Google, especially after only recently a flashlight app has been found to access location data and share it with advertisers even though users may have believed they opted out of it.

It’s one thing not to have an app that can have a saying in what kind of data apps access and collect, such as it was the case before Android 4.3, and quite an other to have the app removed starting with Android 4.4.2 – this obviously applies to Android users that knew about App Ops and were actively using it. For everyone else, it’s as if the app never existed. In fact, Android Police reminds us that App Ops was meant to be an internal tool for Google, as confirmed by Android engineer Dianne Hackborn in early November.

As for the app itself, the EFF has extra suggestions for it in case it will be brought back to Android, as in its current state, the app lacks some “fundamental pieces:”

  • Android users should be able to disable all collection of trackable identifiers by an app with a single switch, including data like phone numbers, IMEIs, information about the user’s accounts.
  • There should be a way to disable an app’s network access entirely. It is clear that a large fraction of apps (including flashlights, wallpapers, UI skins, many games) simply don’t need network access and, as we saw last week, are prone to abuse it.
  • The App Ops interface needs to be smoothed out an properly integrated into the main OS user interface, including the Settings->Apps menus and the Play Store. There are numerous ways to make App Ops work for developers. Pick one, and deploy it.

Let’s hear it from our readers, have you used App Ops to disable permissions for apps?

Comments