
Google’s Down With California’s OPP Act – Developers Will Need To Include Privacy Policies For Apps That Collect Data


We saw this coming and now, Apple, Google, Microsoft, RIM, Amazon and HP have all agreed to make developers’ lives a little more difficult by including mandatory privacy policies to go along with their apps before a user can purchase or download them. This is all thanks to California’s Online Privacy Protection Act which recently has been made to include mobile apps.

There was no specific timetable given on how long each of these big companies will have to comply with the act, but the Attorney General’s office will apparently be checking up with each individual company in about 6 months. If the Big 6 don’t comply, the AG has made it clear they’ll face a fat lawsuit from the state of California herself. Google was the first of the 6 to step up and declare that changes will be made to the Android Market “in the coming weeks.”

When it comes to the Android Market, privacy policies are seemingly already in effect under the permissions tab, where a user can see what kind of permissions an app asks for from their device. With some minor tweaking, or a more prevalent pop-up when installing apps, it seems Android is already covered. But, depending on Google’s new Market requirements (which haven’t been disclosed as of yet), developers could be facing the trouble of having to create full legal privacy policies for any and all kinds of user information they collect. This, of course, is all done to protect the user by giving them a privacy policy they will no doubt skip through, but it could give developers a much harder time when publishing their apps to the Market, seeing as now they will have to come up with “legal speak” to protect themselves in the event of a lawsuit from an angry user.

We’ll have to wait to see how it all plays out. It’s possible Google could give devs a nice legal template for permissions requested, making everyone’s lives a little easier. Or devs will have to call up their lawyer to draft something up. I guess the only question that now remains is… are you guys down wit OPP? (I’m sorry, you had to know that was coming).

[Attorney General’s Office | Via Cnet]

Chris Chavez
I've been obsessed with consumer technology for about as long as I can remember, be it video games, photography, or mobile devices. If you can plug it in, I have to own it. Preparing for the day when Android finally becomes self-aware and I get to welcome our new robot overlords.


25 Comments

  1. If devs didn’t already have ‘ “legal speak” to protect themselves in the event of a lawsuit’, I don’t see how this hurts them. Collecting user data WITHOUT a privacy policy seems like a huge liability.

    It will also benefit devs who need to access (for example) contact information for non-obvious reasons by giving them a chance to explain why they are accessing it (i.e. friend finder functions). Android devs often put this in the application description in response to negative comments, but having it in a somewhat more binding privacy policy will give users a higher level of comfort.

    1. As long as users actually read the privacy policy. How many people do you know who actually read those? Heck, developers add details about why some permissions are used in an app description and they still get a slew of negative comments because no one took the time to read.

  2. I always want to ask this: is it possible to fake the permission? For example, an app requiring the phone call permission, but the developer fakes it into requiring storage permission. *spy-ware like*

    As for this OPP, I don't mind reading why the developer requires my phone call and SMS permission. I like it and support it.

    1. If you try this, the phone calls won’t work. The permissions tell both the user and the phone what the app can do. If the app doesn’t tell the phone that it can make phone calls, the phone won’t let it make phone calls.

      1. No, I meant uploading it into the market. Let's say I made an app and it requires full access permission, but on the market, I fake it into storage permission (tricking people). Can someone do that and gain full access of their phone?

        1. Still no, because the place in the app’s code where you declare your permissions (the android manifest) is the same place that the market takes the permissions from. So, if someone tried to take full-access permission, they would have to essentially tell that to the market. The only hope would be to hack into the market itself and make it say what you want it to say.

          1. Oh I see, thanks for the info.

    2. Not possible.

      The App has a Manifest that declares what permissions the app will need.

      That Manifest tells
      * The Market (before installation)
      * The User (during installation)
      * The Phone (after installation)
      what permissions the app has.

      The Phone enforces these permissions.  It would be possible in principle to hack the phone and subvert the part of the system that enforces these permissions.  If your phone is hacked, then you can’t trust it at all.  All bets are off.  Hopefully both Android and the underlying Linux do not allow any other application to hack the system and elevate their privileges.

      The installer informs the user of the App’s Permissions just prior to installation.  It would be possible in principle, for a phone that has been hacked *prior* to installation of the app, to subvert the part of the installer that prompts the user with the permissions required by the app about to be installed.

      The Market, before installation, advertises the permissions the App will need.  It would be possible in principle to hack into Google’s market (however unlikely) and subvert the part of the Market that tells you what permissions the App will require. But then once the user clicks Install, the installer on the phone will advertise to the user the true permissions of the App and these will differ from what the Market advertised.  Of course, some users are dumb enough not to read or care.

      Hope that helps.

      1. All true and well explained, except for the fact that the market acts as an installer when downloading apps from there, so if you hacked the market to say what you wanted, there would be no extra installer to tell the user what the real permissions are.

        1. The installer is within the phone. The phone gets a message from the market to install something.  Software (eg the installer) in the phone receives the message, downloads the app, inspects the manifest, presents the user with the permissions for approval, and if approved, then installs the application by creating a new Linux user account, home directory etc, and unpacking and distributing various files and then making a menu entry in Android for the Activities declared by the app.  Note that one app can install zero, one or many icons into the application launcher.

          Even if you (could) hack the market, once the phone installer downloads the app, the user will be presented with the true permissions declared in the manifest of the app.  These are the same permissions that Android is going to enforce.

          1. When are you saying that the user is presented with the permissions?

          2. The user is first presented with the permissions twice.

            First on the market web pages.  (Suppose you are using Market on a web browser on your PC.)  Or when using the Market app on device.  But you don’t “approve” here.

            You click Install.

            The phone begins the install and presents an Activity that shows the permissions from the manifest and asks you to approve.  That is the 2nd time permissions are presented to you.  If I recall correctly, the steps are . . .

            See app in market (web page, or app on device).
            See permissions on market (web page or app).
            Click Install.
            Phone downloads app.
            Phone presents permissions and asks for approval.

            If you use the Market app, then it may seem like the Activity asking for approval is part of the Market app.  But in fact, that Activity is part of the installer.  That same Activity follows in the Amazon app store, for example.  Or if you pick an “apk” file to install using a file manager (and your phone allows this) — even non rooted.

            I have installed almost 200 apps over time.  But I haven’t installed any new ones for awhile.  (And have deleted several dozen.)  I’d be happy to be corrected if what I describe is not correct today.

          3. @DannyB2:disqus (I can’t reply to your comment, probably because it’s too thin already) I understand what you’re saying. In the web browser market, it does bring up an install page on your phone. But that page doesn’t appear in the market app. Instead, the market’s permissions page shows up, then when you click accept, it installs it to your phone without showing the usual install permissions page.

  3. I'm all for it as long as they make it as easy as possible for devs. We all know developers are the force of every platform. Scaring them or harassing them is a lose-lose game.

  4. I’m sorry but when I think OPP, I think:

    http://youtu.be/6xGuGSDsDrM

  5. As a developer I would like to formally say, this sucks!

  6. California once again wasting time with more regulations rather than fixing real problems.

  7. It seems to me that a really simple solution for developers is to create apps that never ask for data. If it doesn’t ask for data, nothing to disclose. The End.

    1. You still need a privacy policy that states that not only do you not disclose any information to anyone, but that you don’t collect any personal information in the first place.

      IMO, Google should offer a variety of pre-written privacy policy templates to developers, where lawyers have gone over the language.

      Everything from:
      1. we don’t collect or disclose anything, your data is totally private
      to
      2. we rape your phone for data and use it any way we can for money

    2. Depending on the kind of app, that might not be possible. Anything that requires a user to log in to some service will require some data. Heck, probably every ad-supported app will indirectly collect some data to display only relevant ads. (And developers might not even realize this and not include any policy, thinking they’re safe as they don’t personally collect any data.)

  8. If I were a developer I would like the option of not having my app sold in California. They can just go to hell, problem solved.

    1. As an end user I would like the option of having the Market hide from my view all developers (and their apps) who don’t sell apps in California, even though I don’t live there.

  9. I would think that Google, Apple, etc will try to make this as simple as possible for devs. I’m thinking boilerplate-like privacy policies that devs can implement with each app. Kind of like  
    “What data do you collect? Names, emails, contacts.” 
    “Who is that data shared with? No one, partners, 3rd party devs, spammers.” 

    And let devs check off whatever applies and generate a standard privacy policy that gets attached.

    1. All you need is a privacy policy.

      Here is one:

      PRIVACY POLICY

      “We will gather all your data.  We will upload it to the mother ship.  You give us permission to use your data in any conceivable way we can think of that makes us money.”

      [ I AGREE ]

      Google can make this easy by having a number of privacy policy templates that developers can choose from.  The above template is probably one extreme example.

      At the other extreme would be a policy that says we won’t gather any data, won’t transmit any of your data outside of the phone/device, won’t transmit your data to any third party application on the device, and won’t transmit your data to any third party outside of the phone/device.

  10. Google has to come up with some sort of template library, where developers could pick a standardized agreement and enhance it to reflect their own apps. They have to remember that there’s a ton of international developers who cannot hire a US lawyer to create such a document, nor are their English skills strong enough to create it on their own. Needless to say, the majority of home-grown devs in the US are legally illiterate, but at least they can hire someone to do the damn job. Which no doubt will raise the project cost, and therefore will be reflected in the app price.
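
The comment thread above describes the Android manifest as the single place an app declares its permissions, read by the Market, the installer and the phone. As an added example (not from the article or any commenter), this Python sketch reads a manifest that is assumed to be already decoded to text XML and reports any declared permission that a store listing does not show; the package name, sample manifest, sample listing and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Constructed sample: a text-XML manifest for a hypothetical app.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
    <uses-permission android:name="android.permission.CALL_PHONE"/>
    <uses-permission android:name="android.permission.CALL_PHONE"/>
    <application android:label="Flashlight"/>
</manifest>
"""

# Constructed sample: what a store page claims the app needs.
SAMPLE_LISTING = ["android.permission.WRITE_EXTERNAL_STORAGE"]


def declared_permissions(manifest_xml):
    """Return (package, set of permission names) declared in the manifest."""
    root = ET.fromstring(manifest_xml)
    if root.tag != "manifest":
        raise ValueError("root element is not <manifest>")
    perms = set()
    # <uses-permission> elements are direct children of <manifest>.
    for element in root.findall("uses-permission"):
        name = element.get("{%s}name" % ANDROID_NS)
        if name:  # ignore entries missing the android:name attribute
            perms.add(name.strip())
    return root.get("package"), perms


def compare_with_listing(manifest_xml, advertised):
    """Diff the manifest's permissions against an advertised list."""
    package, declared = declared_permissions(manifest_xml)
    advertised = set(advertised)
    return {
        "package": package,
        "unadvertised": sorted(declared - advertised),
        "not_in_manifest": sorted(advertised - declared),
    }


if __name__ == "__main__":
    print(compare_with_listing(SAMPLE_MANIFEST, SAMPLE_LISTING))
```

A non-empty `unadvertised` list is the mismatch the commenters discuss: the listing shows less than the manifest that the phone will actually enforce.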
