Will be interesting to see if they can ban Indian govt. app[1] which needs full location access(clarified)[3]. A lot of people like this app(including me) but also know government does not have good track record in securing private data.
Previously Apple were made to bend their rules when India threatened to ban Apple devices if they don't allow TRAI Do Not Disturb app in 2018.[2]
As another commenter pointed out, if the app is not using the contact tracing framework developed by Google and Apple, then the app can basically do whatever it wants (mandate continuous location access etc.).
I don't think apps are allowed to do this on Android any more. You can designate that an app can only have location access while the app is open and in use.
Right, for sure, that’s a choice users have. (On the iphone too, fwiw).
Sadly, outside of tech circles very few people would have the knowledge or even motivation to do this. The attitudes of the populace to online privacy are frighteningly callous.
I've been astonished at the number of apps that are grabbing my location in the background. Espescially since I previously considered myself to be quite on top of the permissions I'd granted my apps.
Android for work can reduce privacy leaks; get Island or another app to set up a work profile on your Android phone, and sign into a secondary account on it so it doesn't have your contacts. Now go to settings and disable location access for work apps. I've stopped paying attention to whether or not apps request location data or contacts access for to this. To prevent the apps from running in the background, just turn off work profile when not using it (or look up Greenify's deep hibernation).
Being on a stock, unrooted phone, the thing I miss most is xprivacy's prompts whenever an app wants to use a permission. I just make sure to check my permissions list every month or so to make sure Google hasn't silently allowed an app update to enable new permissions.
and it may prevent the app from functioning properly but the point is that Apple/Google will not allow you to publish an app on their stores which utilises both of location services and contact tracing APIs
Thanks, just looked it up as well. But to the GP’s point, I do hope Google/Apple start banning apps (especially released by governments) even if they don’t use the contact tracing API.
Not sure about Android, but if you're on iOS you have the choice to disable "full location access". In case it's needed to run certain feature in the app, you can choose the "Allow while using" option.
I do that will all the apps that require location access: local food delivery, cab services, vehicle rental and what not.
We can and for most apps I do this too. But some apps, like this one, require the location or they won't even start. Also at least on android(which also has fine-grained permissions now), this app specifically requires on-going(background?) location access.
Recently this has also been made mandatory for employees, public and private. So organizations have to ensure all employees have this app on their smartphones. We will see how much this is enforced.
My Android device allows for completely disabling location access (regardless of whether the app requires it) or for allowing access while the app is in use, as you mentioned. I'm never sure if these features are OEM additions or features in standard/AOSP Android versions, so I guess if you're using an Android device YMMV.
Well not if once you use the new API specifically made for contact tracing, right? Since the bluetooth scanning will be done by a lower level system run by play services, the app itself doesn't need the permissions.
Mostly because it was released very early. And for a country like India, it may prove advantageous in coming months. We do not have any vaccine for Covid19 and can't be in lock-down forever. We have to learn to live with the virus for few months at least. Apps like these can help in contact tracing while allowing many to live normally.
Also I personally think the permissions(location and bluetooth) are fine for an app like this to really function. I have read someone mentioned on HN that these platforms prove their worth when >60% people are using them(I maybe remembering wrong though).