Think twice before allowing apps to access information on your phone

With security, privacy at risk, know what you’re agreeing to and don’t install app if you don’t really need it

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Ed note_Edric Wyatt_IDT911Does it some­times seem like every web app you’d like to down­load to your smart­phone demands way too much access to the func­tion­al­i­ties of your device, such as access to your con­tacts lists, geo loca­tor and phone camera?

The über pop­u­lar “Poke­mon Go” game, of course, needs to know your loca­tion so you can enjoy the app. But for many oth­er web apps, be they games or a nifty ser­vice or tool, con­sumers all too often must give up an inor­di­nate amount of access in exchange for a com­par­a­tive­ly small benefit.

If you’re at all con­cerned about the pri­va­cy and secu­ri­ty of your­self, your fam­i­ly or the orga­ni­za­tion that employs you, per­haps you should think twice, or maybe even a third time, before click­ing on the accept button.

Relat­ed info­graph­ic: Con­ve­nience of mobile com­put­ing comes at a secu­ri­ty cost

Here are a few very plau­si­ble sce­nar­ios that should cross your mind:

• Does the web app want your con­tact lists for mar­ket­ing pur­pos­es, to annoy your friends, rel­a­tives and work col­leagues with unwant­ed promotions?

• Could the dis­trib­u­tor be a bad guy intent on embed­ding some form of mal­ware on your device to steal from you or to attempt to use your device to infil­trate the orga­ni­za­tion you work for?

• Do you real­ly want a web app dis­trib­u­tor (a total stranger) map­ping your dai­ly trav­el pat­terns and mak­ing note of the places you reg­u­lar­ly haunt?

• Do you real­ize a web app, to which you’ve grant­ed deep access, could be report­ing a steady stream of infor­ma­tion about you to a stor­age serv­er con­trolled by a com­mer­cial enti­ty, such as Groupon or The Weath­er Channel?

It’s note­wor­thy that con­sumers have chal­lenged Groupon and The Weath­er Chan­nel about this type of track­ing activ­i­ty. And there has yet to be a clear reply from the devel­op­ers of these apps explain­ing the ratio­nale for this unso­licit­ed monitoring.

Con­sumers let guard down

Keep in mind, thou­sands of web apps do much the same type of data col­lec­tion. It has become rou­tine for con­sumers to accept oner­ous terms of use from web app dis­trib­u­tors. With­out giv­ing it much, if any, thought, we take on mate­r­i­al pri­va­cy and secu­ri­ty risks when we do this.

But there are oth­er options. In today’s envi­ron­ment, you must be more thought­ful. It is a good idea to take the time to scru­ti­nize the terms and con­di­tions of any web app you are about to down­load. See if there are ways you can enjoy the app with­out giv­ing up access to your address book, geo loca­tor or phone cam.

If not, pause for a few moments to weigh the risks vs. the benefits—to your­self, to your fam­i­ly and to the orga­ni­za­tion that employs you.

And if you tru­ly want to be a con­sci­en­tious con­sumer and employ­ee, it is well worth your time to go through the web apps you’ve pre­vi­ous­ly down­loaded. If you can think of no good rea­son for an app to be able to access your con­tacts list, keep track of your loca­tion, or be able to oper­ate your phone cam, you should con­sid­er unin­stalling that app.

More sto­ries relat­ed to web app secu­ri­ty and privacy:
Emerg­ing expo­sure: Ris­ing use of cloud apps cre­ates data leak­age pathways
Mobile dat­ing apps come with hid­den hazards
Poke­mon No’—Mobile apps put per­son­al infor­ma­tion at risk