Ad Banner

Over 1,000 Android apps harvest data despite denied permission

Researchers at the International Computer Science Institute discovered that up to 1,325 Android apps still get access to data from devices despite being denied permission.

In a report by CNET, Serge Egelman, director of usable security and privacy research at the ICSI, said that developers still find ways to gather data, leaving the permission setting “relatively meaningless”.

He said: “Fundamentally, consumers have very few tools and cues that they can use to reasonably control their privacy and make decisions about it. If app developers can just circumvent the system, then asking consumers for permission is relatively meaningless.”

The study tracked over 88,000 apps from the Google Play store to find out how data transferred from the apps when they were denied permissions. from that number, over 1,000 used workarounds that were hidden in its code and would take personal data from sources such as Wi-Fi connections and metadata stored in photos.

Other apps, meanwhile, rely on other apps to gather data as they read through unprotected files on a device’s SD card and harvest data which they were denied permission to access.

After researchers notified Google and the FTC about the issues last September, Google said that it will be addressed in the upcoming Android Q that is expected to be released this year.

According to Google, the update will be hiding location information in photos from apps and will be requiring any apps that access Wi-Fi to have permission for location data as well.

(Photo source: