Maybe you don’t have to worry about a suspicious Android app will steal contacts or constantly share your whereabouts for much longer. Google is introducing features and policies that will limit how apps ask for contact and location information.
Targeting all Play Store apps Android 17 and then they’ll have to use a new Google Contacts Picker if they want access to invite users, share content, or handle one-time requests. The new interface allows you to choose specific people, so you shouldn’t feel pressured to share more details than you want. If an app requires ongoing access, the developer will need to submit a Play Store statement justifying an ongoing request.
Apps built for Android 17 will also have to use a new location button when they want precise and unique location data. The move aims to simplify location requests and discourage app makers from requesting more position data than they need. Creators will need to make a declaration on the Play Store if they need accurate and always-available location information. Apps that only need approximate data, such as some weather apps, will not need special permission.
Google will begin flagging contacts and location permissions issues ahead of app reviews starting October 27. The forms to make the declarations will be available “before October,” says Google.
Permission abuse is a real problem
Many apps have practical reasons for accessing your contacts and location. A social media service like Threads or TikTok may want your contact list when you want to invite friends, while a camera app may need your position when you share where a photo was taken.
However, it is still common for apps to ask permission for this data when the usage is unclear or not necessary. Your browser might ask for contacts to sync without a full explanation, for example. While many of these uses are relatively innocent, there are also malicious applications that can abuse contacts and position to spam your friends or stalk you.
The new Android 17 requirements potentially limit that misuse. Ideally, developers will be more parsimonious with contact and location requests, and will think carefully before demanding continued access. This won’t prevent apps outside the Play Store from abusing data, but it could improve privacy if you stick to the official Google store.
The move could also reduce its exposure to data breaches. While Google cannot control app data on third-party servers, the new policies should minimize the damage if there is an intrusion. Hackers may only get a few glimpses of your location rather than a complete record. This, in turn, could reduce the risks of identity theft or targeted scams.
Fountain: Android developers
