(Credit: Google/Alphabet)

A lot of things have happened at Google HQ over the last few days, ranging from unexpectedly shutting down its social network to launching new phones, tablets, and other devices. In the midst of this, the company took the time to address the state of app permissions in its Android operating system.

In a nutshell, Google says that it will start giving users a finer degree of control over what personal data your apps can view and use, for greater privacy.

SEE: How to beef up your Chrome and Firefox security in 2018

In the past, when you wanted to install an Android app, its permissions were an all-or-nothing deal. For example, you either gave Facebook access to your contacts, calendar, and text messages, or you didn't get to use the app at all.

More recently, Google has given users the option to select what permissions they're willing to grant -- but not all apps are required to offer this alternate route, and it also required you to have a recent version of Android installed on your device.

With Google's Project Strobe self-audit, the company has determined that users should be paying more attention to app permissions. Before, you would be presented with a list of everything that the app wanted access to, but 99 percent of users would just tap through it like it was a EULA (end-user license agreement) and not read the descriptions for each permission.

From now on, Google will show each specific permission in its own window, and the user must consider and accept each one in sequence. Google Fellow and Vice President of Engineering Ben Smith says in the announcement, "[I]f a developer requests access to both calendar entries and Drive documents, you will be able to choose to share one but not the other."

Will this create frustration with the app experience, if installation requires that much input before you can begin the fun part of using it? Or will it discourage apps from asking for more permissions than they need? Possibly both.

FOLLOW Download.com on Twitter for all the latest app news.

We can say for sure that the latter problem remains common, especially for apps that have suspect motives, because that personal data -- collected at the time of permission approval and sometimes for the duration of your usage -- can be sold or traded without your knowledge or consent, to people who do not feel constrained by the privacy laws in your jurisdiction.

Aggressive permission requests have become common enough that Google is also specifically reigning in the ones that want your call logs and your text messages. Now, "Only an app that you've selected as your default app for making calls or text messages will be able to make these requests. (There are some exceptions--e.g., voicemail and backup apps.)"

Smith adds, "In the coming months, we'll roll out additional controls and update policies across more of our APIs [application program interfaces]."


  1. Google is updating the app permissions request system so that you can't accept all requests with a single tap. You must now review each request.
  2. Additionally, only your default phone and SMS apps will get access to your call logs and SMS messages.

Also see

Tom McNamara is a Senior Editor for CNET's Download.com. He mainly covers Windows, mobile and desktop security, games, Google, streaming services, and social media. Tom was also an editor at Maximum PC and IGN, and his work has appeared on CNET, PC Gamer, MSN.com, and Salon.com. He's also unreasonably proud that he's kept the same phone for more than two years.