Android developers, prepare for fine-grained user permissions

William J. Francis fills you in on the Android App Ops privacy feature and explains why he believes it's good for users and developers.



A new privacy feature in Android 4.4 KitKat called App Ops has caused quite a stir. The app showed up briefly in Android 4.3, but it wasn't meant for prime time; some users stumbled across the feature thanks to Android's intent launcher paradigm. The folks over at the Electronic Freedom Foundation (EFF) made no bones about calling the feature "awesome."

According to Google, the feature is still experimental and was supposed to be hidden. In fact, Google quickly pushed out an over-the-air (OTA) update that made the feature unreachable.

On Google+, Dianne Hackborn of Google's Android team chimed in on a discussion about the sudden appearance and disappearance of the feature. "It was there for development purposes," Hackborn wrote. "It wasn't intended to be available."

What is (or was) the app?

App Ops appears to be a dynamic permissions system. In other words, users could install an app and then later choose to deny it some or all of the access the developer requested. Think of installing Pandora, and then using App Ops to turn off the ability for the app to track your location. You could still find out who plays a song without getting the annoying targeted advertisements.

For users, I think this is the way of the future. For developers, it means we don't have to be hesitant to include cool features that require extra permissions, because users can still install the app and opt out of granting access to anything that makes them uncomfortable.

Why it's particularly interesting for developers

We still have no idea when this new capability will be available for the masses. However, it raises a point for mobile developers that I think merits discussing now rather than when App Ops finally resurfaces.

In the past, with Android's all-or-nothing permission system, developers didn't have to worry so much about degrading features gracefully -- well, maybe here and there with things like location services and Wi-Fi. I suspect that in the not-so-distant future we will have to anticipate and write code in such a way that the app still provides some amount of functionality when permissions get yanked out from under it.

Going forward with a new mindset

I don't plan to wait on App Ops to start coding with this new mindset. I intend to write my apps under the assumption that users can and will deny me access at various times to different system-controlled resources, peripherals, and services.
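
One way to code under that assumption, as an added example that is not from the original article: each read of a protected resource is wrapped so that a denial degrades to "no data" instead of a crash. The class `GuardedResources` and its method names are hypothetical, and the sketch assumes a denied resource surfaces either as a `SecurityException` or as a null or empty result.

```java
import android.content.Context;
import android.database.Cursor;
import android.location.Location;
import android.location.LocationManager;
import android.provider.ContactsContract;

/** Hypothetical helper: assumes any protected read may be denied or come back empty. */
public final class GuardedResources {

    private GuardedResources() {}

    /** Returns the last known location, or null when access is denied or unavailable. */
    public static Location lastLocationOrNull(Context context) {
        LocationManager lm =
                (LocationManager) context.getSystemService(Context.LOCATION_SERVICE);
        if (lm == null) {
            return null;
        }
        try {
            // May return null without throwing when no fix is available.
            return lm.getLastKnownLocation(LocationManager.NETWORK_PROVIDER);
        } catch (SecurityException denied) {
            // Permission missing or revoked: treat as "no location", do not crash.
            return null;
        } catch (IllegalArgumentException noProvider) {
            // The requested provider does not exist on this device.
            return null;
        }
    }

    /** Returns the number of readable contacts, or 0 when access is denied. */
    public static int contactCountOrZero(Context context) {
        Cursor cursor = null;
        try {
            cursor = context.getContentResolver().query(
                    ContactsContract.Contacts.CONTENT_URI,
                    new String[] {ContactsContract.Contacts._ID},
                    null, null, null);
            // A null or empty cursor is a valid answer, not an error.
            return cursor == null ? 0 : cursor.getCount();
        } catch (SecurityException denied) {
            return 0;
        } finally {
            if (cursor != null) {
                cursor.close();
            }
        }
    }
}
```

Callers branch on the null or zero result to hide or disable the dependent feature while the rest of the app keeps working.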

Ultimately, I think this is the way all mobile development will go. The apps we write live on what are arguably the most personal devices people own. Angry Birds co-exists on your smartphone with things like contacts, pictures, and banking.

Putting more control in the hands of users is the right thing to do.

Disclaimer: TechRepublic and CNET are CBS Interactive properties. 


By William J. Francis

William J Francis began programming computers at age eleven. Specializing in embedded and mobile platforms, he has more than 20 years of professional software engineering under his belt, including a four year stint in the US Army's Military Intellige...