Do a five-minute internet search on apps and privacy, and you’ll find a number of “how-to” articles about protecting your privacy on your phone. While useful, these guides are like instructions for putting antifreeze in a car with a leaky radiator. Yes, it might keep your car running a bit longer, but it doesn’t address the underlying problem: You need a car with a functioning radiator.
It’s easy to blame users for failing to manage privacy on their devices. Well-meaning tweets, videos, and comments on the subject abound. But is it really a user’s job to read a bunch of how-to guides just so they can check the weather on their smartphone? Shouldn’t they be able to use their devices without worrying about sharing the same fate as a DNC email?
Let’s call out the elephant in the room: It’s a critical design flaw that we put the onus on users to manage something as valuable as their own privacy. Case in point: App stores–the beating heart of smartphone ecosystems, where most users go to search, discover, and install apps–are an obvious place for privacy design thinking.
Research shows that people tend to choose apps that are at the top of these stores’ lists. Online app merchants could leverage this behavior to significantly impact user privacy simply by ranking privacy-friendly apps higher in their search results. Or they could display ratings for privacy, much as they currently display star ratings for functionality.
Unfortunately, most app stores completely fail to help users protect their privacy. One of the largest players in this space, Google Play, only offers permission information as generic text, hidden away behind a link, and makes no effort to promote privacy-respecting apps. Even worse, it pushes users toward sponsored apps that may mine their personal information, often without making clear to users what data they are gathering or how they are using it. Apple, another major player in the app world, offers no permission information in its iOS app store, and users have to wait until they actually run an app—by which time they have committed to using it—to learn which permissions it will request.
It’s worth speculating on why these marketplaces refuse to signal-boost privacy-friendly apps. Google, in particular, represents an interesting paradox: One part of its success is based on superb systems for ranking information, which could be put to help users. However, another part is based on its behemoth-sized ad business, which works better the more it learns about users—providing a disincentive to promote apps that learn as little as possible about users (and even more of a disincentive when they use Google’s own mobile ad framework). Indeed, privacy-centric design may be antithetical to the company’s short-term interests. (Google declined to comment for this essay.)
Regardless of the reasons why, Google’s policies leave users to sort through the millions of apps available to them, with little built-in guidance for determining friend from foe. As long as the outcry from the technical community continues to focus on what users should be doing better, we can expect app stores to continue with business as usual, amassing user data for their own use, however harmful that may be to users. We can and should expect app-store providers to find creative ways to align our long-term interests with their own.