Most tech journalists are excitedly reporting that Android phones share your private data without your knowledge, while their iPhones are secure. But the study that’s been used to support this might point to the opposite.
A number of articles have referenced research by Intel Labs, Penn State and Duke University, to show that Google’s Android phones fail to tell us what’s done with our personal data.
The researchers have created an Android application to detect how other apps use your private data, such as your phone book, phone number and even your location. But although some apps do share data, it appears that some of the reports may have missed the thrust of this research.
Is Android open model safer?
The researchers are in fact launching their own app (called TaintDroid) that lets a user detect where their data is going. Perhaps I’m reading between the lines, but the paper itself seems quite enthusiastic about Android. It’s open enough for them to create the app, which in turn could mean that it’s a more secure model than Apple’s.
Whether or not I’m over-interpreting what other articles are driving at, I personally think that an open model is safer than a closed one and is more likely to protect your data.
The mantra of open source is that ‘many eyes make all bugs shallow’. In my view the same applies to privacy: many eyes make naughty apps pariahs. It’s been shown time and again that blindly trusting the vendor with your data simply isn’t a good idea.
Keep an eye on your apps
Whenever you download an app from the Android Marketplace, as with Apple’s App Store, it tells you what functions it wants to have access to, such as location data, full internet access, your camera.
Although this isn’t perfect – apps that share your data innocently could also do so for nefarious reasons – it isn’t clear that something more complicated would help us make an informed decision.
It’s not as simple as saying it’s your own damn fault if you install an app that told you it would share data. Instead, it’s better to be forewarned. So functionality like TaintDroid which lets us check up on what apps are doing with our data, helps us keep them honest.
And I’m not sure if this would be possible on the iPhone, as I don’t think such an app would make it through the App Store approval process over which Apple wields total control.
I agree it’s bad that some apps share data in ways that you might not want. But I don’t think it makes sense to rush away from an ecosystem (Android) where you can find out which apps share data (and avoid them), to one where it’s unlikely you’ll ever find out. And ultimately one where you currently just have to trust Apple to protect you.