I believe there is a significant flaw in how permissions are set when you install Android apps. You get two options – Accept all or nothing. For readers not familiar with how Android app permissions work, there is a configuration file for each app that sets permissions for that app only. Permissions are needed for any functionality that affects how the app accesses things like sensors (e.g. GPS), SD Cards and the internet. These permissions do not affect any other app on the phone.
I propose an important change should be implemented at the operating system level — You should be able to accept or deny each privilege at installation time. This would make it an opt-in approach rather than an opt-out. Sure, some of you will say there are apps that can help you do that afterwards, but for tens of millions of consumers that’s not good enough. The vast majority of consumers simply don’t do take advantage of that for a variety of reasons, so having the option to accept/deny up front is the best way to go.
Yes, there is a good chance that many (most?) users would still simply accept all. However, I think increasing numbers of users would become aware that they can opt out of certain things and take advantage of the convenience and the potential for added security that this approach provides.
Developers and companies that build Android apps will probably yell loudly that this will affect how their apps work. Note that there are no technical reasons as to why this wouldn’t work. If someone checks “don’t allow internet access”, we developers can gracefully disable parts of the application and provide notifications when users attempt to access the internet. If someone disallows geolocation, then we do the same thing. Users can always opt back in if they need to. If some vendors take the approach that if you opt-out of certain things then the entire app will be disabled, then so be it. I personally would be wary of installing an app that did that.
Take the example of the screenshot below. This is the installation screen from a very popular sports app. I wonder why does it need access to my phone calls, my Accounts, or even contents of my USB storage? It doesn’t even provide an option to move the app to USB and there are no capabilities in the app (that I’m aware of) related to making phone calls. I would love to be able to opt out of these.