Google misleads on why it is preventing Android users from stopping Apps from taking private information
Yesterday, we published a blog post lauding an extremely important app privacy feature that was added in Android 4.3. That feature allows users to install apps while preventing the app from collecting sensitive data like the user's location or address book.
After we published the post, several people contacted us to say that the feature had actually been removed in Android 4.4.2, which was released earlier this week. Today, we installed that update to our test device, and can confirm that the App Ops privacy feature that we were excited about yesterday is in fact now gone.
When asked for comment, Google told us that the feature had only ever been released by accident — that it was experimental, and that it could break some of the apps policed by it. We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it.Many instances of apps "breaking" when they are denied the ability to collect data like a location or an address book or an IMEI number can easily be fixed by, for instance, giving them back a fake location, an empty address book, or an IMEI number of all zeroes. Alternatively, Google could document for developers that these API calls may fail for privacy reasons. A good hybrid would be to use fake data for old versions of the Android API and cleanly defined Java exceptions in the next API level. As with many other changes that occur across Android devices and Android versions, some app developers might have to do minor updates to keep up. . . . .