Some top Indian Android Apps across categories seek as much as 45% higher permissions from users compared to their global counterparts. Access to SMSes, microphone and Contact Book were some permissions taken by a significantly higher number of Indian apps compared to global peers. According to an annual study by enterprise cybersecurity and data privacy platform Arrka Consulting, about a third of the permissions sought weren’t required for core functionality of those apps. Interestingly, most data that these apps and websites share with third-parties end up going to two of the largest global tech firms- Google and Facebook.
The key privacy metrics were accessed on 100 Indian apps with each having at least a million downloads across Google Play, Apple’s App Store and websites. About 50 global Android apps were accessed on privacy and technical parameters to draw a parallel to Indian ones and their permission settings. In some categories such as travel, shopping, and e-wallets, homegrown apps end up taking 1.5-2 times higher permissions than global peers. Essentially these permissions help build user profiles that third-party vendors can then use for targetting selling. On an average, Indian apps take about eight permissions when a user installs a certain app.
When an app seeks more permission, it collects additional information about a user that’s seen as an invasion of privacy, especially granted access to certain apps. Global Tech firms like Facebook have come under security for mishandling customer data. Most recently, Google said it’s bringing in new controls that allow users the right to share data while installing third-party apps from Google Play. It said 99% of apps send data to one or more third-parties for advertising, analytics etc.
The report said “On an average, an app/website sends data to more than five third-parties and many had the same parent organization. Google was observed in 30-50% instances and was clearly the leader while Facebook was second.”
Personal Data can be categorised into Above the Surface data (visible to an individual) and Below the Surface (not visible to an individual). Below The Surface data that gets collected by mobile apps, websites and devices are usually not noticed by people.
Above The Surface Data
1] Demographic / Identity Data
2] Financial Data
3] Health / Sexual Orientations
4] Political Affiliations / Personal Beliefs
Below The Surface Data
1] Device Identifiers
2] Online Identifiers
3] Location Data
5] Social Media Markers
6] Post-Analytics Data
We would advise you to pay attention to permissions that apps ask for while Installing.
For Ex: If a Calendar App asks to access your call records, you should deny that request. Because there is no use of Call records for a Calendar app.
Our Website does not ask for any such permission. You only need to enter your Above The Surface Details while making a Comment or filling the contact form.
So stay safe. Have A Nice Day