Privacy Guard is a feature in CyanogenMod that gives Android users back the control over app permissions and thus their privacy and device performance. Even though you love an app, you may not be as keen on it tracking your every move from the moment you turn on your phone.
Update (): CyanogenMod is now known as LineageOS.
CyanogenMod is a distribution of the Android operating system as an alternative to the “stock” Google-branded Android distribution. Development and releases of CyanogenMod is a community effort governed by CyanogenMod, LLC. It’s an alternative to the Google-branded variant of Android, commonly referred to as “stock Android.” CyanogenMod looks and behaves much like stock Android but has some additional features and settings aimed at technically inclined users.
Android will list all permissions required by apps when installing them from the Google Play Store or other app stores. The user can’t modify the listed permissions but can choose not to install the app. This means the user must either accept the developer’s default permissions or walk away from installing the app. Privacy Guard allows the user to deny individual permissions (like access to contacts, SMS, camera, location, auto-starting, and more) after installing the app.
Users must still grant all permissions to the app and then later go in and modify the app’s permissions. Privacy Guard can optionally be enabled by default for new applications. The default settings for all permissions will be to “ask every time”. With this setting, Privacy Guard will pop-up a dialog prompt every time an app tries to access protected permission.
Except for geocaching games, very few games require to know your location. Yet it seems the majority of apps all want to know your device’s current location. Many even ask for its location when the app is neither running nor has been launched for more than a month.
Location information is valuable for targeted advertisement, and game developers want to cash in on that data at the expense of your privacy and your device’s battery life. Geolocation is calculated through heavy use of the device’s antennas and thus requires quite a bit of power to triangulate your position. Blocking location for non-mapping applications seems reasonable.
Games and apps you only use occasionally often want to auto-start along with the operating system. This allows them to perform network tasks to update their content and to start faster when you tap their app icons. It also lowers the device’s performance and reduces its battery life due to the extra processing required.
Why does the Skype app need to access the device’s camera every 8 minutes? Especially when it hasn’t been launched in a week, is staying in the background, and I’ve never used it for video conferencing? Whatever Skype wants to do every eight minutes, I’m not comfortable with it performing this unwanted operation. There’s no option in the app to disable “auto pocket-photos” so the camera permission should be revoked.
A running count of how many times the permission has been allowed or denied is displayed in the per-app view in Privacy Guard. This is an interesting detail that will help you determine whether or not to grant particular permissions to a particular app.
A minority of apps will crash or have other broken functionality when requested permissions aren’t granted. Most app makers will reply and push out a fix quickly when you notify them of this. I’ve had two different experiences where the app makers replied saying “this is by design”, as they can’t monetize users who don’t grant them full permissions.
Unfortunately for these apps, there are always other apps to choose from … . A TechRepublic article argues that giving users control over permission is bad because it might break some apps and that developers can’t be asked to accommodate users who block permissions. The Android APIs for interacting with the camera, location services, and the like are also asynchronous in nature.
This means the developer can’t expect an immediate response or even a response at all when accessing this functionality. Privacy Guard will show a notification when an app has blocked permissions to remind users that the app has modified behaviors. The TechRepublic article seems to be mostly unfounded.
Some of the Privacy Guard’s features originally appeared in stock Android version 4.3 as a hidden settings panel called App Ops. The feature was removed in Android version 4.4.2 that was released some months later. Rumors surfaced last week from Bloomberg Business, claiming that Android “M” (version 6) might get this functionality back.
From the Bloomberg piece, it sounds like Google would provide an approach more similar to the one found in iOS. In iOS users can choose to disable some permissions like location, address book, and camera rather than the more extensive set of permissions available in CyanogenMod.
I choose CyanogenMod over stock Android because of the Privacy Guard functionality. This move by Google could be to lure privacy-minded users back and bridge the growing functionality gap between stock Android and CyanogenMod. European regulators — who have been breathing down Google’s neck over privacy and monopoly issues lately — are also likely to react positively to this functionality being restored.