Learn about privacy best-practices that can boost your app’s quality and popularity!
As part of the Privacy Week for Android Developers, we’ve shared that more than half of US adults have avoided using a digital service due to privacy concerns. Here at Android, we believe privacy is centered around the user. We have added many transparency-enhancing features in recent releases to help users identify which apps are accessing their data and their devices’ sensors, when that access is taking place, and how apps are using that data. As such, it is more important than ever for developers to treat user data with care and only access it when necessary for, and expected by, the user.
This blog explores how you can best leverage these features to strengthen your privacy-first app experience and increase user trust in your apps.
Here are a few top privacy launches from recent Android versions …
In Android 12, Android released the privacy indicators, which show when apps are accessing data from the device’s camera and microphone. Users can click the indicator to easily see which apps are currently accessing their data.
Android 12 also saw the release of the privacy dashboard — a one-stop shop that allows users to see which apps are accessing data, which permissions apps are using, and when that access is happening.
Users are responding positively — over 40% of users are engaging with the details of app accesses in the privacy dashboard (which later evolved to be part of the new Security and Privacy Hub discussed below). This positive engagement prompted an enhancement in Android 13 to expand the dashboard’s timeline, now showing data accesses and permission requests from the past 7 days.
Content copied to the clipboard can contain sensitive information such as emails and even passwords, so Android 12 notifies users every time an app reads data from the clipboard that originated from outside the app via ClipboardManager.getPrimaryClip() .
We took it one step further in Android 13 — the system will automatically clear the users’ clipboards after a certain period of time when sensitive content is detected.
Security & Privacy Hub
Then, in Android 13 we unified security and privacy settings into a single hub, the Security & Privacy Hub. This hub makes it easier for users to understand the privacy and security status of their devices. The hub highlights possible harmful apps, excessive permissions, and other privacy- and security-related topics.
With Android’s focus on showing users how their data is being processed and further protecting the data that users care about most, it’s vital to take privacy seriously. It means more than “checking off a box before upgrading your targetSDK” — adopting privacy best practices can help set your app apart from those that don’t.
Let’s go through the best practices:
Minimize your permission requests by using features like the photo picker, to decrease the number and frequency of permission requests. This will prevent your app from getting blamed for access via the privacy indicators and dashboard. Remember that this includes accesses by 3rd-party SDKs as well.
2. If you still need a certain permission, make sure to follow best practices by providing in-context requests, showing additional rationale when required, and respecting the user’s decision by providing alternative experiences that don’t require permissions.
3. Leverage the data access audit APIs to track your app’s data accesses, including from 3rd party SDKs and libraries, and look out for access that might seem unexpected to the user. In addition, remove or revoke permissions via the revokeSelfPermissionOnKill()API introduced in Android 13 when they are no longer needed!
4. Avoid privacy-sensitive workarounds, such as discovering installed apps using media metadata. The system will highlight your app for this broad access of user data.