Android hasn’t always had a stellar privacy record, but as time has gone on many necessary improvements have been made. Android 10 overhauled permissions, giving users more control, and limiting apps’ background access. Now, Android 11 is taking things to the next level by automatically revoking unused app permissions, introducing scoped storage, and more.
While these changes are more than welcome, there are some missing features that could improve privacy on Android even more. Google doesn’t have to search far for examples either. Android OEMs have already filled some gaps, and Google’s main rival, Apple, is doubling down on its privacy efforts too.
Deep dive: Read our Android 11 review
Android 11 privacy changes
It might not seem like much has changed on the surface of Android 11. However, under the hood, Google has significantly ramped up its privacy efforts. The main focus is once again on permissions.
Users are given more granular controls and can now grant one-time permissions for location, camera, and microphone access. This is a major upgrade from the “while in use” permission because it allows you to test apps and features without worries. Rarely used apps will also see their sensitive permissions revoked after a while.
Don’t miss: The best Android 11 features you need to know
However, the most significant change is to background location access. Developers will now have to explain why their app needs it in the first place, while users must select “Allow all the time” if they want to give access to background location.
All of these changes are necessary and are sure to be well-received. Nevertheless, few if any apps will ever attempt to snoop on you via your camera or microphone. Most are far more interested in your activity inside and outside of their application. That’s where scoped storage comes in. In theory, it places apps in their own little sandbox, preventing them from directly interacting with other installed applications. But is that enough?
Privacy features Android needs to borrow
While the current Android 11 privacy features offer a good amount of protection, there are some notable gaps.
Scoped storage should technically prevent apps from accessing information they are not supposed to, but it would be great to have a fail-safe similar to what Oppo’s Color OS already offers. Personal Information Protection prevents data leaks by replacing sensitive information with blank data when malicious apps try to collect it. This includes call history, contacts, messages, and events. You might be asking why this is necessary, and the answer is simple. No privacy feature is perfect. Vulnerabilities are common and having a second obstacle for malicious apps to overcome makes your device more secure.
Speaking of vulnerabilities, there is one that has been ignored for quite some time: your clipboard. Until recently, apps could easily access text you copied without permission on both Android and iOS. Apple hasn’t fully solved the issue, but it introduced notifications that warn you when applications access your clipboard in iOS 14. Google can easily perfect this feature by turning it into a permission. Why is this important? Because we often copy PINs and passwords to our clipboard, especially when using a password manager. Preventing clipboard access would therefore make phones more secure.
Another privacy feature Android 11 needs to borrow from iOS 14 is Sign in with Apple. The Cupertino company is now requiring iOS developers to include this option any time they offer third-party sign-in. So, what does it do?
Sign in with Apple is both a privacy and a convenience feature. It allows you to log in with your account without filling out long boring forms, but it also protects your data in the process. Apps and websites can only request your name and email address to create an account. Sign in with Google works very similarly, but with one major difference. On an iPhone, you don’t have to hand over your email address either – you can instead use Apple’s private email relay service. It creates and shares a unique, random email address, which then forwards messages to your personal email. Something similar would be an invaluable addition to Android 11’s privacy arsenal.
Limiting third-party data collection
Facebook is the most notorious third-party where your sensitive data can end up. Even if you don’t have its app installed or have never used any of its services, Facebook offers tools that allow developers to relay data collected in their apps to the social network. According to multiple investigations, that can include very sensitive information such as health data from fitness and period tracking apps. Such data leaks occur on both iOS and Android. If you still have a Facebook account, you only have to head to your Off-Facebook activity page to see for yourself. Thousands of popular applications share your in-app activity with the social media giant.
So, is there anything Google can do to combat this? Unfortunately, there is no simple answer here. Apple thought it had found a solution, but it has already received significant pushback. The Cupertino company wants to reign in data harvesting by requiring user permission for tracking across third-party apps and websites.
Users would receive a pop-up asking them to “Allow Tracking” or to “Ask App Not to Track.” Even this relatively mild approach, however, set off Facebook. The social media giant complained that “iOS 14 will hurt many of our developers and publishers at an already difficult time for businesses.” This is because targeted advertising often relies on cross-app tracking. Even so, Apple plans to fully implement the feature next year. Some apps might still attempt to track users, but the company claims their access to a device’s advertising identifier would be limited.
Limiting cross-tracking will be a risky move for Google.
Would this approach be viable for Google? Can Android 11 introduce similar tracking permissions? We don’t think it’s out of the question, but it will be a very risky move that is bound to anger advertisers. Nevertheless, it is one of the core issues Android needs to address if it wants to be on top of its privacy game.
What do you think about Android 11’s privacy features? What would you like to see included? Let us know in the comments.