THE BLOG
06/27/2014 11:48 am ET Updated Aug 27, 2014

A Beginner's Guide to App Permissions

Bloomberg via Getty Images

By David Tiegen

Since Edward Snowden's leaks, everyone has reason to think their privacy has been taken by the NSA. The National Surveillance Agency approached large tech companies, including Google and Microsoft, to create "back doors," easy ways to access your information. Though some believe in the good intentions of the federal government, the threats of these back doors can be used by anyone and are numerous: increased likeliness of identity theft, erroneous arrest, unsecured confidentiality, or greater discrimination. Many of these privacy attacks come through mobile apps, so examining the way we use apps is key to reclaiming information security.

There is no way to gain complete privacy, but a good place to start is with phone app permissions. Permissions are used to decide what information an app can and can't collect. Permissions are like the doorway to your house, and the app is a door-to-door salesman. Before installing an app, read the app's reviews, read the permission descriptions, and check Secure.Me"s App Advisor, which keeps track of an app's reputation. You'll know exactly what data you are making accessible. If you are making this accessible to an app developer, you are also inviting the possibility of this information being intercepted by an untrusted source.  In 2012, Berkley published a behavioral study showing most people don't read app permissions at all.

In 2012, Path, a family-oriented social networking app, was caught collecting private information regardless of what their permissions promised. Path's use of the information was only to provide a better service, but they collected the information unencrypted, which left the users -many of them children- vulnerable to malicious third parties who could easily intercept this information.  The Federal Trade Commission sued the developers of Path in 2013. No one had any clue Path was collecting information this way, and permissions are still not regulated or enforced by any official organization.

Because of this, the best advocate of your privacy is you, which means you need the most control over your device. Your mobile operating system works under restricted access. This is done to restrict the chance of user error, lessen the chance of you removing bloatware, pre-installed software that can slow down your device, and reinforce branding with your particular OS's aesthetic. Restricted access also prevents deeper customization of permissions and how apps collect your information.

To move past this restricted access, you will need to undergo a process either known as Rooting (Android) or Jailbreaking (iOS). Before deciding to move past your restricted access, be aware that the process can void your warranty and cannot always be reversed, so be sure it's what you want before moving on.

Using your phone without restrictions is known as being a "superuser." As a superuser (SU) you will have access to files that control the main services of your phone, and so be able to download apps and change files that can better restrict how and if information is collected from you. Many SU specific privacy apps are available and popping up all the time, and the best way to find them is by meeting others who identify as SUs through Facebook, Reddit, IRC, or elsewhere. With SU access to your device, you're equipped to strike app permissions from your list of worries and free to combat countless other privacy risks.