Enhanced privacy controls in the Android 4.3, which allowed the installation of apps while blocking their ability to gather sensitive data from a user, have been removed in the new Android 4.4.2. Google says the feature's original release was an accident.
App Ops was a privacy component installed in the Android 4.3 which shielded information that users wanted to protect from any new app.
The Electronic Frontier Foundation (EFF) reported Wednesday that just a day after it had lauded the privacy feature via a blog post on its site, the organization learned that the option is no longer available on the Android 4.4.2 update, which was released earlier this week.
Google told EFF that the feature was included in 4.3 by accident, claiming the control was experimental and could ultimately break apps policed by it.
EFF stressed that there are ways Google could easily remedy such concerns if it so desired, by feeding fake information to the app or telling app developers that the privacy control could disrupt their program.
EFF called the disappearance of App Ops a “Stygian hole in the Android security model,” given that there is now no way to curb app permissions, despite the easy fixes which are available.
The digital rights group urged Google to renew App Ops for Android while improving the feature. Google could do this, EFF says, by adding targeted controls for users to be able to pick and choose which apps have access to sensitive data. In addition, Google could make App Ops workable for app developers in the process, the organization stated.
EFF says at the moment, though, Android users must choose between privacy and overall protection, as Android 4.4.2 includes updates to security and denial-of-service bugs.
The loss of the security feature comes at a time when mobile phone users are having to deal with unwanted snooping by the apps that they download - even when such data sharing is opt-out.
The Federal Trade Commission (FTC) recently came down on the makers of the ‘Brightest Flashlight,’ a popular free Android app that adapted the flash built into a handset to make it behave like a standard flashlight. Unbeknownst to users, however, the app had been secretly harvesting location and unique device identifier data and sharing it with advertisers and marketing networks.
Goldenshores Technologies, the US developer behind the Brightest Flashlight app, recently reached a settlement with the FTC. The app had been installed on “tens of millions” of Android devices, according to the agency.