The problem with Android permissions is too much information and not enough information all at once

Android dudes
Android dudes (Image credit: Jerry Hildenbrand / Android Central)

It's a regular happening in the tech press. An app has questionable permissions and people freak out about it. Sometimes it's warranted, but most of the time it's because the people freaking out don't understand the Android permission model or haven't taken the time to see what reasons an app might have to need those seemingly sketchy permissions. And it's Google's fault. Sorry, Google, we love you, but this is all yours.

There are two ways to handle letting the user (that's you and me) know what an app needs to do or needs to see in order to function. One way is to plainly state everything up front before that user installs it so they know exactly what can be done and seen. In other words, the Android way (mostly). Another way is to carefully screen each and every app and have the user trust your screening process and know that the app isn't doing anything out of the ordinary. This is the Apple way. Both are good in some ways and bad in some ways.

It's Serenity and crew's job at iMore to tackle iOS issues on this front if it needs tackling— they're more knowledgeable about them than I am — but we really need to talk about Android permissions here and why they need some attention from big G.

I'm going to pick on our own Android Central app (opens in new tab) here because I can look through the code or build it myself and know exactly what it does, what it can do, and why. Let's start with what makes people freak out because there is a good example right in the picture above — prevent device from sleeping.

Why in the hell does an app to read a blog need to keep your phone locked awake? I don't blame you at all if this is the first thing you think. In fact, I want it to be the first thing everyone thinks because we all need to be a little skeptical when it comes to software that we install on our phones. But our app has no intention of keeping your phone running all the time, and unless there's a bug somewhere it doesn't. We need that permission so that the screen doesn't shut off while you're reading this.

Tell us what those permissions mean and we'll freak out less.

There are two very big issues here that Google can fix. One is hard but the other is easy, Like delicious pie easy. The hard one is to continue building out the APIs until we have one that can only keep the screen on. Let background data and everything else sleep until it's used and keep the CPU idling unless it needs to ramp up for something else a user is doing. That's all we're using the prevent device from sleeping permission for anyway. If Google makes that API, we'll switch to it. Until then, we need permission to keep your whole phone up and running even when we're not doing anything in the background.

The second and easier thing that needs to be done is to give more information here. Once you decide that you're going to give the user all the info about which permissions an app needs, you need to go a step further when you list them. What we have right now is either too much information or not enough information.

I am a nerd. I don't even try to hide it. Plenty of the people reading this will also be nerds. What we see now on Google Play when permissions are shown was written by nerds for nerds. I understand it, my fellow nerds understand it, but a normal person who just wants to install a cool new app might not. Consider this:

  • Prevent your device from sleeping. This application needs to keep your phone from going into a sleep state. This can only happen while the app is running and shown on your screen and may not be processor intensive. If you have any questions you should ask the developer using the contact information at the bottom of the page.

That took me like 30 seconds to bang out on my keyboard. (And 20 more to fix the typos because I think I can type really fast without looking at my keyboard but I actually can't.) It's not the greatest explanation of what this permission might mean, but it's a metric shitload better that what we have now. The people at Google are way smarter about Android than I am (but I challenge any and all comers to test my knowledge on Dunmer lore) and could do this even better. If they did, it would help people who actually bother to read the permissions when they see Twitter melting about an app needing GPS data because it's a free ad-driven app that needs GPS to show you those "relevant" Target ads when you're in the Target parking lot.

The Android permission model needs to be refined and explained. And not by nerds.

This isn't a new problem. Since Android became popular people have seen too much information about needed permissions without enough information about those permissions and what they mean. Then they (rightfully) freak out about it. I enjoy those freakouts. I get to sit back and watch people actually care about mobile security and their precious personal data for a day or two. But the app developers surely aren't very happy when it happens to them, and they are the reason Android is as popular as it is.

So how 'bout it Google? Can you make a change to give us everything we need to know when we actually look at an app's permissions without going to the Android Developer site and reading a bunch of documentation about them? We'll love you more.

Jerry Hildenbrand
Senior Editor — Google Ecosystem

Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.

  • Uhhhhhh my phone's screen still turns off when reading on this app if I don't touch it for a minute so not sure why u justify needing that permission when it actually doesn't do what u say it does
  • Same here, however my screen won't time out when playing a game or youtube is on auto play
  • That's because they didn't use it correctly. Plus they don't even need this permission to keep the screen on while the app is shown to you:
    Google said it over and over in lectures, that this method of using this permission isn't needed, if all you want is that the screen won't be turned off while the app is shown.
  • The main problem is that every illiterate jerk can grab a smartphone (mostly Android, cause they are cheaper than that Apple crap) and start downloading apps because they want all that cool stuff. Then, when something goes wrong or they got spooked by some fear mongering bloggers who bash Android as unsafe and virus infected, they start whining about their privacy. I think the safety starts with the user! Before doing anything learn about the system. Not the technical details but the basics, like permissions. We all have to learn how to drive a car or use a Windows PC. So it's the same for smartphones. And after reading a little bit about the subject things become really easy and nobody would download a flashlight app with 15 different permission requests. (and here I think, Google could do something and never allow an app like this into the playstore!)
  • The permission I'm most concerned about is why some apps want permission to access my contacts. My information is already being shared too freely, I don't want to screw everyone on my contact list too. Especially if there is no reason for a particular app to access it. And since companies like to share information (which means sell info) to other companies, I think they should be up front and tell us why.
  • There are a lot of legitimate reasons to want that info though, starting with accessing email addresses if you click "share this app with a friend"... Remember, I said legitimate reasons, not good reasons!
  • Which IMHO should be by a single use approval at the time of sharing. Back to Google.
  • Actually, the "Share with friends" doesn't need this permission. An app can throw the intent to share a message or picture, and Android's Share With comes up. The app / method (i.e. email) will already have the contact list permission (i.e. the gmail app). The only reason why it needs the contact list is for internal reasons like seeing if others have a game account already.
  • No, it doesn't *need* this pentagon, but it is a legitimate use of it. Once again, I said legitimate reason, not good reason.
  • I've never needed a pentagon myself, but I'm sure an app developer somewhere can come up with a *legitimate* reason why they think I need one. LOL
  • As a dev, i just want to rip off google. They screwed up the permission model in 6.0! Why do i add extra 50 to 80 lines of code just to beg to users, can i do this?
    Then when the user says no, i should ask, pleaseeeeeeee? Then the user says no again.
    Next day, i ask one more time with a full essay about the usage of the permission, then the user says no. This bullshit process continues until the user says yes. Google should tell the users FIRST about the changed permission model, nor only to the devs, which may lead to drop in rating in play store, ussrs shouting, why does this app needs to access my (something)?! Hey, google, i love you guys, but you guys screwed it up. Change the freaking permission thingy, n i will be happy.
    ☞sorry if i talk about this in a strange(?) manner, but i really want to tell people about this issue, thankz
  • Yup, thing I love most about marshmallow is the permissions thing. I go through that and kill all permissions I don't like and get on with my life. Sometimes I have to use an app so I'll give it permission for that occasion, then I'll block it again. Easy. That said, the many different settings can confuse newcomers, phones like the S6 etc are not really for new users I don't think, too easy to get tied up in knots. Look in the forums and see...
    Thanks Jerry!
  • Till we get to restrict run at startup it will be worthless
  • Yup. There are too many ways that am app can run itself at startup. I use XPosed with Boot Manager and it catches about half of those that do start up.
  • Too many apps request a sh!tload of permissions, asking simply to grant full access to a device and info within. An app should ONLY need access to a service/port/connection to make that feature work. The permission should be limited in access by design. Several years ago, ppl were freaking out about ALL the permissions a certain social media messaging app was requesting. The screams of it wants access to your mic, camera etc. were a little overblown. Since to use audio messages obviously requires mic access, to take a pic needs camera access. But certain permissions are worded badly (ie mic permission can turn on and access mic ANYTIME would AND SHOULD freak you out.) Again, permissions should be designed for on-demand access aka when a user wants to send a pic or audio message, the permission is req, granted, used and then TERMINATED.
  • Article is wrong about "prevent device from sleeping." :
    "We need that permission so that the screen doesn't shut off while you're reading this." It's wrong, because this permission isn't needed for this purpose:
  • There are other uses for this permission, and it can prevent the screen from being turned off.
    It's just that if all you need is to let the screen stay turned on as long as you see the app, you don't really need this permission, and it's even quite easy to do it.
    BTW, this isn't a permission that the user has to grant at runtime. It's automatically granted upon install. Maybe because it's not considered as a privacy related permission. However, using this permission is a bit risky, because if there is a bug, it might cause the app to consume more battery than it should.
  • So why does Android Central app need :
    . Identification :SERIAL
    . Phone: Configuration.MNC
    . Phone: Get Network Operator
    . Phone: Get Network Operator Name What possible use and justification is there for you to know my device serial number and who my carrier is?
  • I'm going to guess that is for bug reports and usage data sent back to Android Central upon a crash. That way they know exactly what type of phone you have.
  • Which of those tells them the type of phone? Device name is in Build where there are fields for Manufacturer, Model and Product. They aren't considered personal, so not included in the permissions that need to be approved; they are just allowed to be seen by any app.
  • My favorite developers are the one's who let you know what each permission is used for in the app description. This is especially important now that anybody can deny permissions
  • The permissions on android are a joke, I disable all permissions to every app and I only allow permissions back if the app fails to run or function. And I only allow one permission at a time until it stops ******** or it starts working, giving the app the bare minimum it needs to function. Like 90% of apps still work even though you gave them access to nothing. Lately Google maps has been screaming at me to give Google play services a boat load of permissions and I say no. Maps still works and and I'm able to use navigation without any problems. So suck it Google. I had to uninstall some banking apps namely you Chase and Capital One. Don't tell me you need all those permissions for the app to work properly, how come I can use a web browser and you have zero access to anything on my computer yet I'm able to login and do what I need to do. But for the app you need access to my camera, microphone, phone storage, contacts and more. Why is that?