You might not have to worry that a shady Android app will steal contacts or constantly share your whereabouts for much longer. Google is introducing features and policies that will limit how apps request contact and location information.
All Play Store apps targeting Android 17 and later will have to use a new Google contact picker if they want access for inviting users, sharing content, or handling one-time requests. The new front-end lets you choose specific people, so you shouldn’t be pressured into sharing more details than you like. If an app requires constant access, the developer will have to submit a Play Store declaration that justifies an always-on request.
Apps built for Android 17 will also have to use a new location button when they want one-time, precise location data. The move is meant to simplify location requests and discourage app makers from asking for more position data than they need. Creators will have to make a Play Store declaration if they need always-on, precise location info. Apps that only need coarse data, such as some weather apps, won’t need special permission.
Google will start flagging contacts and location permission issues ahead of app reviews starting October 27th. Forms to make the declarations will be available “before October,” Google says.
Permission abuse is a real problem
Many apps have practical reasons to access your contacts and location. A social media service like Threads or TikTok might want your contact list when you want to invite friends, while a camera app might need your position when you share where a photo was taken.
However, it’s still commonplace for apps to ask permission for this data when the use isn’t clear or necessary. Your browser might ask for contacts for syncing without a full explanation, for instance. While many of these uses are relatively innocent, there are also rogue apps that might abuse contacts and positioning to spam your friends or stalk you.
The new requirements in Android 17 potentially limit that misuse. Developers will ideally be more sparing with contact and location requests, and think carefully before demanding nonstop access. This won’t prevent apps from outside the Play Store from abusing data, but it could improve privacy if you stick to Google’s official shop.
The move could also reduce your exposure to data breaches. While Google can’t control app data on third-party servers, the new policies should minimize the damage if there’s an intrusion. Hackers might only get a few glimpses at your location rather than a full record. That, in turn, could lower the risks of identity theft or targeted scams.
Source: Android Developers
