CP
cyberpings

Android 17 - New Privacy Controls for Contact Access

Android 17 is changing how apps access your contacts. Users can now choose specific contacts for apps instead of sharing their entire list. This update enhances privacy and limits data misuse.

PrivacyMEDIUMUpdated: Published:
Featured image for Android 17 - New Privacy Controls for Contact Access

Original Reporting

MWMalwarebytes Labs

AI Summary

CyberPings AIΒ·Reviewed by Rohit Rana

🎯Basically, Android 17 lets you choose which contacts apps can see instead of sharing all of them.

What Changed

Android 17 is making significant strides in user privacy by introducing a new feature called the Contact Picker. This change allows users to grant apps access to specific contacts instead of their entire contact list. Previously, apps requesting access to a single phone number would require the READ_CONTACTS permission, effectively handing over your entire contact list. This is akin to giving someone your whole address book just to get one piece of information.

Why This Matters

The implications of this change are substantial. Apps that harvest your entire contact list can map out your social network and potentially sell that data to third parties. By limiting access, Android 17 aims to protect user privacy and reduce the risk of data being misused. This update is particularly crucial as data brokers often exploit broad access permissions to create detailed profiles for targeted advertising, which can lead to invasive marketing practices.

Additional Privacy Enhancements

Alongside the Contact Picker, Android 17 is also tightening location permissions. Users will now have more control over when and how apps access their location data. Apps will need to request location access tied to specific actions, such as finding nearby cafes, rather than having blanket access. A persistent indicator will alert users when an app is using their location, similar to existing alerts for camera and microphone usage.

Industry Response

Privacy advocates are applauding these changes, as they represent a significant shift towards more responsible data handling practices. Google's updated Play policy mandates that apps must use the Contact Picker or the Android Sharesheet to access contacts, reserving the READ_CONTACTS permission for essential use cases only. This move aligns with ongoing efforts to combat the growing problem of invasive advertising and scams.

Conclusion

While Android 17's permission changes are a step in the right direction, there is still a sense of urgency for more robust privacy defaults. Competitors like Apple have already implemented similar features, and many feel that these changes should have been standard practice long ago. As Google continues to enhance its privacy measures, users can look forward to a more secure mobile experience.

πŸ”’ Pro Insight

πŸ”’ Pro insight: The introduction of granular permissions in Android 17 reflects a growing trend in privacy-focused app development, potentially reshaping user trust in mobile platforms.

MWMalwarebytes Labs
Read Original

Share

Related Pings

Preview image for Met Police Trials Snoop Tech to Combat London Shoplifting
Privacy
MEDIUM

Met Police Trials Snoop Tech to Combat London Shoplifting

London's Metropolitan Police is testing new technology to tackle shoplifting, allowing retailers to report incidents with CCTV footage. This initiative aims to enhance safety but raises privacy concerns.

REThe Register Security
Read PingRead Source
Preview image for GrapheneOS - The Legacy and Conflict of a Privacy Tool
Privacy
MEDIUM

GrapheneOS - The Legacy and Conflict of a Privacy Tool

GrapheneOS, a top privacy tool, is embroiled in a conflict between its creator and former partner. This rivalry raises concerns about user trust and software integrity. As the landscape changes, the future of mobile security hangs in the balance.

WRWired Security
Read PingRead Source
Preview image for Identity - The Driving Force Behind Digital Transformation
Privacy
HIGH

Identity - The Driving Force Behind Digital Transformation

Identity-centric technologies are reshaping digital enterprises. They enhance security, streamline access, and improve customer experiences. This transformation is crucial for modern businesses.

CSCSO Online
Read PingRead Source
Preview image for Panasonic - Device-Locked QR Codes Enhance Biometric Capture
Privacy
MEDIUM

Panasonic - Device-Locked QR Codes Enhance Biometric Capture

Panasonic has developed device-locked QR codes to streamline facial biometric capture for secure building access. This innovation enhances security while reducing wait times. It's a significant step towards safer biometric verification processes.

REThe Register Security
Read PingRead Source
Preview image for Ponemon Survey Exposes Identity Overconfidence in Enterprises
Privacy
HIGH

Ponemon Survey Exposes Identity Overconfidence in Enterprises

A Ponemon survey reveals a gap in identity security confidence among IT leaders, with 89% of applications lacking centralized authentication. This oversight has led to significant operational disruptions, affecting many organizations. It's crucial for companies to reassess their identity governance frameworks to safeguard against potential threats.

SCSC Media
Read PingRead Source
Preview image for Palantir's Human Rights Policy - Questions Arise Over ICE Work
Privacy
HIGH

Palantir's Human Rights Policy - Questions Arise Over ICE Work

Palantir's collaboration with ICE raises serious human rights concerns. EFF's inquiries reveal troubling gaps in Palantir's accountability. This situation highlights the need for better human rights due diligence.

EFEFF Deeplinks
Read PingRead Source