I am a Motorola Droid 2 Global Smartphone user running the Android 2.3 operating system. By default, the phone comes preinstalled with a number of useful Google applications (Apps) such as email, web browser, maps, books, etc. and one in particular that got my attention: YouTube.
I acknowledge that in order for Smartphone Applications to function, they need a certain amount of unrestricted access. This might include opening up network connections, keeping the phone from going to sleep, automatically updating your location, using stored credentials to access your accounts for transmitting and receiving data. Most of these activities are routine, necessary, and are of little cause for concern.
Now I am sure all of you are thinking, “What could possibly be troublesome about the YouTube media player app?” Answer: Its’ total and complete disregard for my personal privacy and the inability for me to set any parameters to limit its’ reach in to my phone or personal activity.
In the most recent update the Privacy Policy has changed. So much so that Google specifically brings to your attention this new level of invasive access that is something right out of a TV Crime Drama. The YouTube app may, and I quote, “Take Pictures and Videos” which sounds harmless enough until you read this part, “Allows application to take pictures and videos with the camera. This allows the application AT ANY TIME to collect images the camera is seeing.” Wait there is more: “Allows an application to perform operations like adding, and removing accounts and deleting their password.”
Excuse me? This implies that any time my Camera is on, YouTube can capture the images from the Camera and then without asking for my specific approval, act on my behalf by accessing all of my account information and permissions and transmitting the images regardless of my intent.
This sounds very much to me like that new Anti-Theft application that, upon activation, automatically turns on the Camera of your Smartphone and takes a picture of the alleged thief, tags the GPS location of the phone and updates a secure web page or emails the information for you to forward to Police. There is one critical exception: I can control that Anti-Theft Applications access to my camera, I cannot control the actions of YouTube.
I would like to believe that I am misreading the privacy policy and that what Google really means is that the above can only happen when I have the Camera on and INTEND for the YouTube application to upload my images to the YouTube service. However, that still does not explain the part about the ability to, “add/remove accounts and delete passwords.”
If the intent of Google is to “act on my behalf with my explicit instructions and approval” then they should clearly say so. If not, I am concerned that if I permit YouTube the access it seeks, I might have just given up all privacy rights to every photo or video I take with my phone because I have given Google complete and total access to those images.
Unfortunately, there is really no one to ask for clarification about the Privacy Policy at Google. I did use the Privacy Policy Contact Us form but the confirmation page was less than comforting in its response to my inquiry: “We’ve received your message. We’ll follow up with you only if we require more info or we have additional info to share.”
More users need to READ the privacy access permissions being requested by Smartphone and Software Applications and recognize exactly what they are signing away in terms of personal privacy. Then, they need to contact the developers or providers of the service and refuse to accept the terms and NOT USE THE APPLICATION until the privacy policy is corrected.
Perhaps the best example of a complete and total disregard for personal privacy of any kind is Facebook. The site gives the appearance of allowing users to set controls over how their information is used and shared. The practical reality is that every Facebook App wants the ability to act as if it is you with full access to your address list and all of your information. It wants to “post to your wall” at will with no opportunity to for you to review what the App will post.
Obviously, the other 799,999,999 Facebook users (of the 800 Million) are completely comfortable with allowing Facebook and most Applications to have an “All Access Pass” to every single piece of information listed in the Facebook ecosystem. I must be the only one to be concerned as Facebook since as popular as ever.
My point is that due to our own lack of action, we are giving away our information then complaining about it after the fact.
If you are concerned about the state of Electronic Privacy, get involved with the Electronic Frontier Foundation. Their mission is to defend your rights in the Digital World.
Forewarned is forearmed. If you know that the privacy policy is overly invasive and access to your information is virtually unrestricted, be mindful of what you post or allow any site or service that has a sharing component to know about you.
The age old adage, “Never put anything up on the Internet or in an email that you would not want on the cover of the New York Times” still holds true. (Or, you might just be reading about it in the morning paper.)
One Final Note: Institutions that manage your personal financial data take privacy very seriously and go to extreme measures to make sure that your information stays secure. They may share your name and address for marketing purposes but your sensitive information is not shared without your express permission. An example would be release of financial information for a credit application.
To view the Google Privacy Policy, visit:
http://www.google.com/policies/privacy
To learn more about the Electronic Frontier Foundation, visit:
http://www.eff.org