Here’s how data-thirsty the apps on your phone are: HDFC Bank’s app won’t install until you permit it to access phone calls and SMS permissions. The same goes for ICICI Bank. Then there is Airtel TV. The first thing Airtel’s OTT app wants is access to your photos and videos. It goes on to ask for multiple permissions. But unlike the banks, it installs even when denied the litany of permissions it sought. Clearly, the app doesn’t really need any of that data to function, but it asks for permission to access it. Why?
Because Google’s Android operating system (OS) allowed it to do so.
If data is oil, then every company with an app is drilling for it. And Google not only is the largest driller of them all, but it also has access to over 90% of oil wells by virtue of owning Android, which powers 97% of India’s smartphones. And now, after companies have enjoyed easy access to data and grown dependent on Google for it, the search giant is restricting its supply.
On 9 January, all companies that have apps on the Google Play Store had to stop asking users for access to SMS and call log details, ostensibly to protect users’ data. After all, Google announced this move on 8 October, the same day a Wall Street Journal report stated that a software glitch on Google’s own social networking site, Google Plus, exposed a trove of user data. Worse, Google didn’t tell users. It didn’t want to be painted with the same brush as Facebook, which was still smarting from its user data being leaked to data analytics firm Cambridge Analytica.
In response, Google shut down its social network. Going a step further, it announced that only Android applications selected as ‘default apps’ for calling or texting by users would be allowed to request access to SMS and call data. This brings to an end a decade-old practice of allowing access to this data, with companies given a three-month deadline to update their apps to ensure compliance.
That deadline was 9 January.
While user privacy is a valid concern, the move carries serious implications for companies who have built their business models around access to this data. Lending fintechs, for example, use this data to estimate users’ income and give loans accordingly. Google’s move creates a massive blind spot for these companies.
For its part, Google has since created a list of exceptional use cases that apps can still access SMS data for, as well as a list of invalid use cases.
With these lists malleable according to Google’s discretion, businesses who’ve seen their data taps turned off can appeal to Google for an exemption.