For those of you who know me well, you would know that I take my privacy reasonably seriously. If I’m not actively sharing my information with you, it’s for a reason. However, as they say, “If you’re not paying for it, then you’re the product”, it can’t hurt to be cautious with your personal information online (and offline).
In the coming days I’ll be putting together a comprehensive run down on how I keep my life somewhat private online but in the mean time I’d like to share this interesting story that I read today on ArsTechnia about a CyanogenMod team member, Steve Kondik.
CyanogenMod if you’re unaware, is a community developed aftermarket firmware for android devices made up of an online modding collective that is dedicated to unlocking and modding the firmware on Android devices to allow end users to mod their devices.
This new development is the introduction of an incognito mode for your android phone that will stop overzealous, nefarious and any app in-between from accessing your personal information on your device.
Lead CynogenMod developer and author of the incognito mode,Steve Kondik, posted this on the Google +summing up what the incognito mode will offer:
I’m working on a new feature that will hopefully make it’s way into CM. It’s called “Run in Incognito Mode”. It’s a simple privacy feature designed to help you keep your personal data under control.
I’ve added a per-application flag which is exposed via a simple API. This flag can be used by content providers to decide if they should return a full or limited dataset. In the implementation I’m working on, I am using the flag to provide these privacy features in the base system:
* Return empty lists for contacts, calendar, browser history,and messages.
* GPS will appear to always be disabled to the running application.
* When an app is running incognito, a quick panel item is displayed in order to turn it off easily.
* No fine-grained permissions controls as you saw in CM7. It’s a single option available under application details.
We aren’t providing ad-blocking or device info (IMEI) spoofing. This feature is designed explictly to help protect your personal data, and it will remain as such.
What this means is that you could for example, install an app such as Facebook that wants to get its hands on the data on your phone (contacts, location etc) and then go on to restrict its access to all off your phones content. When the Facebook app goes to look at the information that you’ve restricted it from seeing, all it will see if an empty contact list, a turned off gps etc.
This is a step in the right direction certainly and while it gives end users a little bit more privacy, it would be great if we could get this level of privacy from a phone right out of the box. As consumers (and products I guess), we need to take a more active role in protecting ourselves online, starting with looking at what we’re sharing online and with who.
Just think, Do I really need to install this app?, what permissions does this app require? (Protip: Games should not need access to your address book, contacts or be able to make calls as a general rule), would my contacts be happy with me sharing their details in my address book with this app?