Setting up my new smartphone required me to reinstall many of the apps I had grown fond of using. I suppose the first time I set them up I blindly agreed to the 30 page terms of service and granted permissions for access to whatever was listed. This time, however, I took a longer look at what the app was asking permission to access. Some of them had long lists and included parts of my data that I couldn’t even conceive what the app would use them for. Even more troubling, is that you can’t opt out of any of the requested permissions in order to use the app. It’s ALL or nothing.
Below is a screencap for all the things on my phone that Waze, a community-based traffic and navigation app, needed permission to access.
Only some of the permissions seemed self-explanatory for a traffic and navigation app. Some of the access permissions I could understand immediately such as the microphone to allow for voice-activated commands while driving, the location details, and even contacts to coordinate arrivals at events. But I couldn’t figure out the requested access to Photos/Media/Files, SMS, and Calendar. I suppose you might want to integrate the calendar with the app to seamlessly transfer location information.
Below are two screencaps for permissions requested from the WhatsApp Messenger. The list was so long I had to capture it in two separate pieces. I also expanded some of the descriptions to try and figure out what the app intended to do with the access.
Of course I accepted everything so I could use the silly thing, but I found some of them really puzzling. Why does WhatsApp need to access my “Device & app history”? Or what about “Device ID & call information”? I also found the “Other” permissions particularly alarming especially since they seem to be written in IT-ese, or some other foreign technology language.
Admittedly, I feel torn. I want the convenience and perks of using the apps, without losing control and constantly wondering “what are they going to do with all that data?”. It feels invasive. What are we agreeing to when we ACCEPT? I’m in favor of seamless integrations and automation, but I also want to understand how it’s happening and be able to decide which data is being used for what purpose.