The move will have a direct impact on lending and financial services companies that rely on such data to determine customers’ credit scores, as well as on e-commerce companies that scrape such information to build customer profiles.
Google’s decision comes at a time when many startups are targeting the next 100 million users, where data around consumer behaviour and smartphone usage pattern can provide a huge advantage to build better products.
“This is a bold move from Google. If they do crack down on this seriously, everyone from large players such as Flipkart and Paytm to smaller ones will be affected,” said a senior executive at a billion-dollar-valued internet startup, declining to be identified due to the sensitivity of the matter.
A senior executive at Paytm said the company “is a part of the whitelist in Play store. We are a UPI app (and) that gives us access to SMS. We never read call logs and that is not the kind of data we would use/need.” In a blog post on October 8, Google said only Android applications that users select as their ‘default apps’ for making calls or texting will be able to request access to such data.
Google clarified it may grant limited exceptions if an app transparently provides a highly compelling or critical feature where there is no alternative method to provide the feature.
“Ultimately, it will come down to how strictly and fairly Google implements these changes across its Play store and across companies, large and small,” said a venture capital investor.
The purpose, Google said, is to allow access to apps whose core function is dependent on the permissions sought for specific purposes. This is aimed at restricting apps from taking undesired permissions that are not required for their functioning.
For users, this could be the end of granting forced SMS permissions that many Indian apps seek, and premature app uploads, like in the case of local messaging app Khimbo that was pulled down due to glaring faults in its security system.
Experts say Google’s move is particularly significant in a market like India where users are unaware of data implications and end up freely granting app permissions. “Google’s decision to prohibit apps from accessing SMS logs and call data records of its users will have a huge significant effect on fintech firms in India, something none of them were prepared for,” said Kunal Shah, founder of payments startup Freecharge.
In addition to limiting an app’s ability to seek access to call logs and texts, Google will now provide granular details of what permissions a user gives for using a specific app. Apps that allow users to log in via Google’s sign-on feature will have to show each requested permission one at a time in separate dialogue boxes, instead of in a single screen.
Developer policies at large technology firms like Facebook and Google are being reshaped following a string of privacy snafus recently. Earlier this year, Facebook introduced restrictions for its developers and third-party applications in accessing user data after the Cambridge Analytica fiasco.
Google’s Android operating system, which aims to tear down barriers for independent developers to contribute to the app ecosystem, is now restricting permissions to developers accessing individuals’ personal data. This, after the company found private data of Google-plus users being exposed.
Industry observers say Google and Facebook are taking a leaf from Apple’s playbook when it comes to developer policies. Apple, which used to be criticised for being a closed and unfriendly developer ecosystem, is now seen as a harbinger of user privacy.
“Google and other developer ecosystems are slowly moving towards Apple’s user consent policy—a more protected system,” said Prajyot Mainkar, founder of Androcid Media, an Android application development firm.
This story has been sourced from a syndicated feed and was originally published on ET Tech.