Why it matters: It’s understandable for daily apps to require access to your phone’s sensitive info like location, mic, or camera. However, rarely/unused apps with permanent access to this info can become a privacy risk. It’s why Google baked in an auto-revoking permissions feature in Android 11 which resets permissions for apps that haven’t been launched for some time. Now, Google has announced a gradual roll out of this privacy feature to all Android 6.0 devices and later, starting December 2021.
Among the several privacy-focused features introduced in Android 11 was the OS’ ability to reset permissions for apps that hadn’t been used in a while. The premise was that a user might have installed an app, granted it access to sensitive hardware like camera or storage, and happened to launch it once or twice before leaving it unused in the app drawer for months on end.
To improve privacy, Android 11 would detect such apps and revoke their permissions so that user consent was required again upon launch. Up until now, this feature has been exclusive to Android 11 devices, but will soon become available to billions of older phones via a Google Play Services update.
|Current behavior||New behavior|
|Permissions are automatically reset on Android 11 (API level 30) and higher devices.||
Permissions are automatically reset on the following devices:
|Permissions are reset by default for apps targeting Android 11 or later. The user can manually enable auto-reset for apps targeting Android 6.0 (API level 23) or later.||No change from the current behavior.|
|Apps can request the user to disable auto-reset for the app.||No change from the current behavior.|
Considering how slow Android OEMs can be to push out the latest OS releases to recent phones, not to mention perfectly functioning ones that have reached end-of-life, it’s nice to see Google stepping in and bringing this privacy feature to a sizable chunk of the Android user base.
The company notes that the feature will be enabled by default for apps targeting Android 11 (API level 30), and can be enabled manually for those targeting API levels 23 to 29. Also, apps that enforce enterprise security policies are exempted, meaning that end-users cannot revoke permissions in such environments.
Google has planned a gradual roll out of this feature starting December 2021, and expects it to reach all devices running Android version between 6.0 to 10 by the first quarter 2021.