National Privacy Commission urges developers of Instant Messaging Apps to limit the grant of application permissions for users
During this time that we are endeavoring to survive and recover from the COVID-19 pandemic, Instant Messaging (IM) applications currently play an important role in our daily lives to adapt with the restrictions limiting physical interactions. As a result, the concerns of the citizenry on how private and secure these apps emanate from their fear that their data privacy rights might be violated due to the permissions required by IM applications.
These IM applications often seek permissions to access features in a user’s device, such as contacts, microphone, location, camera, photos, and files. Though they ask permission from the user to grant access to certain features of their device, a denial would prevent a user to effectively use such application.
The National Privacy Commission (NPC) believes that limiting access to the full features of IM apps due to the user’s denial to grant app permissions may be unnecessary. Thus, the NPC is encouraging these IM developers and their companies to revisit their policies and allow users who opted to refuse to grant app permissions, due to data privacy concerns, to allow them full access of their apps features.
The Data Security and Technology Standards Division of the NPC hereby recommends these guidelines for developers of IMs to respect the users’ privacy by allowing them to opt-out of device permissions that can track, store, and access their data. We also aim to impart tips on good data privacy practices for users of IMs through these guidelines.
IM app developers must not treat privacy as an afterthought. Below is the privacy by design practices that must serve as their starting point in application development:
Request minimum permissions.
Look for alternatives that will help limit the number of permissions you seek. Specific permissions that get denied by users often should influence subsequent updates to the IM app.
Ask for access only in appropriate timings. Tweak the user interface in a way that it provides an explanation. While some in-app features are necessary to operate the app, some are only needed to improve user experience. For example, in meetups, users press location sharing in their IM apps to know each other’s proximity or location. Never force or let users accidentally allow access to optional features.
Plan for users to select deny. Whenever possible, minimize how long the app is permitted to access a device’s features. The user can allow a permission through the following options:
- While using the app.
The IM app will have access to the specific permission only if the app is active or in use.
- Only this time.
The IM app will have access once or at the time it was granted, and access will automatically be revoked.
If the requested permission is denied:
- Do not lock out users from using your app.
Whenever possible, users must still be allowed to use the app even if they choose the “deny” option. For example, denying microphone permission will still let users browse messages and chat through the app.
- Expect permanent deny.
Do not push users to go to their device’s Settings page. Ask for permission and allow the permission to be dismissed within the app.
4. Access sensitive permissions only when the user expects it.
Instant messaging apps must show visual indicators that it is currently accessing sensitive permissions such as camera and microphone.
5. Pay attention to libraries.
Regularly review current data, especially sensitive data, accessed by external parties through components such as Application Programming interfaces and libraries.
6. Practice privacy engineering.
Privacy engineering integrates the data privacy principles of transparency, legitimate purpose, and proportionality into the life cycle of software development. This helps the software achieve privacy-by-design and privacy-by-default.
Less is more
The responsibility of protecting data privacy rights of IM users does not fall solely on the developers. Aside from embedding privacy by design in these applications, users can secure the app by applying restrictions.
“Simple configurations to the instant messaging app such as setting off your active status, sync contacts, who can see your birth date, and location help maintain your privacy. Applying a passcode or fingerprint lock as well as two-step verification are examples of adding another layer of security to the app you are using,” Privacy Commissioner Raymund Enriquez Liboro recommended.
Users are also advised to examine and tweak the privacy and security settings of their IMs by being vigilant when conversing with strangers and practicing caution when joining group chats. Members of group chats will gain access to your phone number once you permitted to join. However, some IMs allow users to prohibit anyone from viewing their phone number.
“Do not click links and files sent via IM apps from unknown senders or if you are not expecting to receive them. These links and files may be attempts to phish information from you, or they may carry malware that can infect your device,” Privacy Commissioner Liboro warned.
Less is more when it comes to the privacy of IMs. Before granting access, users must carefully review the app permissions a particular IM is requesting.
Thus, prudence dictates to only grant app permissions needed to use the app. Do not allow permissions to features that are not being used. Furthermore, developers of operating systems should also provide options where instant access is granted to app permissions and automatically revoked after such use.
For the full report, you may access them here: Report Link