What we’re looking at here is the first launch of the official Twitter app for Android, running on the BlissPop custom ROM. Thanks to the baked in permissions manager from CyanogenMod (and OS), I was able to block Twitter from helping itself to my address book before I even logged in to my account.
Twitter’s likely defence would be that it’s only providing a means to help you find your friends on the service. Why then, does the app not hold off until I use that specific feature?
I’ll tell you why… Back at the dawn of the Facebook era there was a saying that if you weren’t paying for the product then you were the product—that is, your personal information was being bought and sold by advertisers. The same holds true for the modern day smartphone user, it seems, with your contact list as the currency-of-choice.
Protection from these egregious requests has been available to rooted users for a long time, but a proper permissions manager for stock Android is only coming with its next major revision. That upgrade can’t come soon enough.
Here’s another attempt to usurp my contact list, this one by the re-branded Foursquare check-in app Swarm. Again, the only reason why Swarm would ever need my contacts is to tell me about my contacts who are using Swarm. But Swarm made this request immediately after asking for my location data, not when I launched a search for other friends on the service.
This was unexpected… eschewing my address book (at least for the moment), Evernote instead went for my calendar. Why does Evernote need access to my calendar? According to Evernote: “This information is used to automatically provide note titles based on calendar events.” Why would anyone need that when they can already enter notes directly in their calendar events…?
What’s really infuriating for me is that I’m a paid user of Evernote, and they still want to help themselves to my personal data. But thanks to my permissions manager, not gonna happen.
Here’s some further reading on the subject if you’re interested: