Hyderabad: While awareness is growing about the permissions that apps seek from users, the MyGHMC app, which has more that one lakh installations, seeks the dangerous permission to access phone and call logs. Same is the case with the GHMC mosquito app, which takes lot more permissions than required.
Android classifies some permissions as ‘dangerous’ which includes access to calendar, camera, contacts, location, microphone, phone, sensors, SMS, storage. The GHMC app seeks permission to location, SMS, phone, storage camera and Wi-Fi. There is no option to deny permissions or selectively grant permissions at the time of installation. Instead, users have to change it in the settings.
While the GHMC promotes extensive use of the app for lodging complaints, users are kept in the dark about the data being collected, as there is no privacy policy or terms and conditions segment. Google Play policy states that apps must disclose how user data will be collected.
A quick search on the web led to the privacy link of the Centre for Good Governance portal. It reads “For any specific personal information, (like name, phone number or e-mail address), that allows us to identify you individually, technologically possible security measures will be taken to protect your personal information.” In contract law, the user agreement is considered as a contract between two parties. If this agreement is contract, it has to be as precise as possible.
However, the minimalist policy just adds: “We do not sell or share any personally identifiable information volunteered on the website to any third party (public/private). Any information provided to this website will be protected from loss, misuse, unauthorised access or disclosure, alteration, or destruction.” This newspaper emailed a questionnaire to the developers of the app but has received no reply.
Experts opined that there is a lack of awareness about security even for developers. Cyber security expert Satish C. said, “It is lot more surveillance than necessary and oversimplified to offer minimal information. It would be ideal if all government apps follow a framework irrespective of the developing agency and clearly define the permissions they are seeking. As some of the apps from the government like T-App-Folio which redirects users to the GHMC app, has clearly defined privacy policy and terms and conditions.”
H7
