On Tue, Jul 27, 2010 at 3:44 PM, TreKing <[email protected]> wrote:
> On Tue, Jul 27, 2010 at 2:36 PM, sharedwd <[email protected]> wrote: > >> How can I be assured the app doesn't instantly collect all my contact >> information for it's own marketing promotions or something else? >> > > You can't. > > >> I guess what I'm wanting to know is: If an app has "read contact data" >> permission for a unique feature of the app, does that mean it can also >> send a compilation of all my contacts' information to its data >> warehouse? >> > > Pretty much. > > >> Or does it only have access to my Contacts when I initiate the special >> feature within the app? >> > > How would you enforce that? > > The same way the rest of the computing world does - a popup that says "Allow foo? {Y/N/Always/Never}". If you say N on earlier firmware, then it sees null (eg a blank contacts list, no gps location, no sd card mounted, etc.) On later firmware, it gets told that the permission has been refused. Just going down the manifest permissions list real quick, the null values are simple and obvious: - GPS/Location: no fix - Wifi: No networks, no link - Account manager: no accounts - Battery stats: no stats - Bluetooth: BT disabled, no devices visible - Contacts, messaging, sms, etc: no entries, no incoming notifications ..etc That would be a reasonable approach for user privacy, is backwards compatible (even back to 1.1 when i first suggested it) and can easily function identically to the current model. (Security install page becomes "Yes/Ask/Cancel" instead of "Install/Cancel".) It would make it entirely too easy to cut into ad revenue though, which means it is not in line with google's goals for the platform.
