Is Google finally fixing permissions issues in Android L?
Android L is still a Developer Preview, nothing is set in stone, and who knows what might change before we see a final release later this Fall. In the meantime we’re seeing some interesting tidbits surface regarding how the new OS will function, and some pretty significant changes that might be coming.
Currently, when you go to the Play Store to download an app, you’re presented with a laundry list of permissions an app may ask for. Based on most people we’ve talked to, the consensus is that users will typically accept everything just to continue past the screen and get on with the install. Back when I was a system builder I saw a lot of End User License Agreements (EULAs) when preloading software. That job entailed installing a ton of apps on computers, then prepping the system for the end user, resetting the EULAs so the end user could read and accept (or decline) those agreements. I’d often comment to the end user that, since no one really reads the EULAs (and if they did, they wouldn’t have the background to understand the legal jargon) that it would be pretty easy for someone to throw in a provision that, by installing the app, would require them to be Bill Gates’ towel boy. Everyone got a chuckle out of that, until they realized that I wasn’t joking.
Today’s permissions dialogs are much the same way in Android. Hopefully, that’s going to change with Android L and the unified data controls that we heard about at Google I/O.
The concept is simple, and not unique to Android: rather than granting permission to an app so it can utilize a particular API (location, SMS, camera, etc.) when the app is installed, why not ask whether or not the user wants to grant the app that particular permission when it’s being requested? Then allow the user to accept or decline granting permission to that particular app for that particular permission.
A good example could be Google Maps. When you fire up the app it asks Android for access to your location. Android then checks to see if you’ve granted the app access to that API. If you have, it lets it through. If you haven’t, it asks you, right then and there. If you accept, your position is shared with the app. If you decline, it’s not shared and the app has to continue on without it. Obviously your position wouldn’t be shown on the map if you decline, but that’s up to you.
The same goes for accessing your contacts, your camera, SMS/MMS, and more. If a Live Wallpaper wants access to send text messages, you’ll be notified when it asks for that particular permission, and can say no if you want.
While that seems like the right direction to take, it doesn’t look like it’s being universally applied in the Developer Preview. Some apps behave in this manner, and others don’t. Should there be “this time” and “always” check boxes so you can be prompted again when the permission is requested in the future? Ultimately, will it work as expected, or will it be more of an annoyance to accept every first occurrence of a permission request, and just make people more frustrated?
Time will tell, but until it does, we’re curious to hear how you think it should work. Head down to the comments section and let us know your thoughts!