Privacy International is leading a coalition of more than 50 organisations demanding Android owner Google offers users the opportunity to delete any and every app from their device.
On almost every device, there are several apps which are relatively redundant and useless. Unfortunately for the user, these applications are known as ‘bloatware’ and there is no-way to get rid of the squatting app. The open-letter spearheaded by Privacy International is calling for Google to end the practice, allowing users complete control over what applications are kept on the device.
“We, the undersigned, agree with you [Google CEO Sundar Pichai]: privacy cannot be a luxury offered only to those people who can afford it,” the letter states.
“And yet, Android Partners – who use the Android trademark and branding – are manufacturing devices that contain pre-installed apps that cannot be deleted (often known as ‘bloatware’), which can leave users vulnerable to their data being collected, shared and exposed without their knowledge or consent.”
‘Bloatware’ applications are largely harmless on the surface. Generally, they sit there not doing much, but the issue being raised by Privacy International and its followers is what is going on in the background.
Quoting a paper written by several academics, the coalition claim these applications collect data in the background, largely without the knowledge of the user, and also have ‘privileged custom’ permissions which would not usually be granted by the Android security framework. These permissions include access to the devices microphone and camera.
Interestingly enough, the paper also claims the devices carry the ‘Google Play Protect’ badge but 91% of these applications do not appear in the Google Play Store. This could be a way to get around the strict privacy protections which are implemented by Google and therefore undermines the integrity of the ‘Google Play Protect’ credentials.
The letter is calling for several changes to the dynamic, most notably:
- Users should be able to permanently delete any application
- Pre-installed apps should face the same scrutiny as other apps
- Pre-installed apps should have some sort of update mechanism
- Google should refuse to certify devices unless manufacturers make changes to reinforce privacy credentials and protections
What is worth noting is that Privacy International and other such organisations are lobby groups which often paints an apocalyptic view of the digital economy. Google can never do anything right in the eyes of this community.
That said, Google is often in hot water over privacy concerns.
Numerous executives have penned blog posts and opinion articles to push the importance of privacy both as a concept and an internal company value of Google. However, the odd scandal often emerges to undermine these PR efforts.
In November, Amnesty International suggested Google was implementing strategies to abuse privacy rights of individuals. Its virtual assistant is under investigation after it emerged humans were reviewing transcripts of conversations recorded by its smart speaker without the consent of the user. In July, International Computer Science Institute (ICSI) researchers said numerous apps could easily circumnavigate Android’s privacy protections. The Google smart city initiative, Sidewalk, has also come under some intense privacy criticism.
What is clear is that Google’s actions and the relationships which it has in place are always of benefit to it as an organisation. The presence of ‘bloatware’ is by design not an oversight, therefore Google will begrudgingly back-pedal on this current dynamic. It may well be forced to under the weight of public criticism, but there will be plenty rolls of the dice before it.