Native App Privacy

From MgmtWiki
Jump to: navigation, search

Full Title and Meme

An application that is installed on a user's computing device can be given access to some parts of user Privacy.

Context

Problems

  • Each company that creates a set of privacy settings does so independently without any coordination or common language.
  • Each company puts a majority of their settings under the settings tab, but then there are other setting that occur in other locations.
  • Each company also supplies an "Identity Server" that provide, Apple ID, Google ID and Microsoft ID that have a rich history of providing other services, especially email.
  • Each of those ID offerings are slightly different and are responsible for the Data Sharing part of privacy.

Solutions

In spite of all the problems, the actual results are quite good as the following table shows. If a User is familiar with one service, they are likely to understand the other, at least until the Identity Server function comes into play. This table could serve as the starting point for a taxonomy of common definitions of the areas where consumer privacy could be controlled.

Note that SMS is easy to hijack and should not be used for security purposes.

iPhone Android Windows
yes??

yes??

Accnt Info
Bluetooth Radios
always always Background
Calendar Calendar Calendar
Camera Camera Camera
Contacts Contacts Contacts
 ??  ?? Email
Health yes??
Health+
Home
File access
Location Location Location

Mic

Mic

Mic

Motion

Body

Music

Phone

Call History

yes??

yes??

Notification

Photos

Purchases

Purchases

Purchases

Reminders

Siri

SMS

Messaging

Speech

Storage

Tasks

TV

Other Devs

Diagnostics

safari

chrome

File D/L

non-persist
DNT

File access

References

  1. Native App Security
  2. Native App
  3. Apple building a trusted ecosystem for millions of apps.