Android has a permissions system for individual apps, but so do iPhones and iPads. Android gives you a single prompt when you install an app, but iOS allows you to make more decisions.
Many geeks have long believed that Android’s permission system is an advantage over the lack of one on iOS. This may be shocking to suggest for many Android geeks, but iOS’ permission system is arguably much more practical.
Update: Google removed the AppOps feature from Android 4.4.2 after this article was written, claiming it was accidentally released. This means the Android app permission situation is now even worse than portrayed below.
The Problem With Android Permissions
Before we can fully appreciate how app permissions work differently on iPhones and iPads, let’s take a quick look at how they work on Android. When you install an app from Google Play (or anywhere else), you’ll see a list of permissions the app requires. Apps must declare permission to do everything from access the Internet to read USB storage, all the way up to accessing your phone call status and GPS location data.
If you’re someone who actually pays attention, you can view this list of permissions at install time. But it’s a take-it-or-leave-it decision. You can choose to install the app and accept the permissions or refuse to install the app and deny the permissions.
If you’re an average Android user, there’s a good chance you don’t even pay much attention to permissions. You’ve probably been trained that apps will request all sorts of permissions, including “location” permissions in free games for advertising-targeting purposes. If you want to use the app, you’ll end up installing it.
This is the only permission decision most users ever get to make. On Android 4.3 and later, it’s now possible to manage app permissions with settings built into the system with the new AppOps panel, but these settings are hidden and will never be found by most people. You also have to make a more active decision, seeking out the control panel to manage permissions after installing the app.
How iOS Permissions Work
App permissions on iPhone and iPad function differently. When installing an app, you’re not making any choices about permissions. You are choosing to allow certain basic permissions — every app you install has some baseline permissions, like the ability to access the Internet. At install time, you’re just installing the app — not granting it any special permissions like access to your GPS or contacts.
To use certain permissions — specifically, to access your Location Services (GPS), Contacts, Calendars, Reminders, Photos, Bluetooth, Microphone, Motion Activity, Twitter account, or Facebook account — the app requests the permission when it needs to use it. For example, when you install Google Maps or another mapping app, it will show a pop-up asking to view your location when you first use its mapping features. If an app needs your contacts for a certain feature, you’ll only see a contacts permission prompt when you first use that specific feature.
It’s easier to understand why an app wants the permissions and what it’s using it for.
What’s more, you have more than one option here. You can deny a permission request — saying “no, I don’t trust this app to access my contacts or GPS location” — and continue using the app anyway. You can enable some permissions but not others.
On Android, normal users can choose to allow all permissions at install time or just not use the app. On iOS, normal users can manage and understand permissions much more easily.
You can also go into the iOS Settings screen and tap Privacy to view these categories of permissions.
Tap a category to view which installed apps have access to a permission and optionally revoke them. This is essentially iOS’ version of the AppOps screen on Android, but it’s visible to average users instead of hidden for geeks only.
This system forces app developers to justify the permissions they require. On iOS, users would deny access to Angry Birds if it suddenly asked to read their GPS location. On Android, many users probably don’t even realize they’re allowing this.
Where Android Still Wins
Of course, Android’s permission system still has its advantages. If you’re a geek, you can get more fine-grained permission control via AppOps. Android also forces apps to declare more permissions, so you can see whether an app can access the Internet or not. Android also offers permissions that aren’t available on iOS, allowing apps to do more things.
But, while Android is still flexible and powerful in many ways, it stumbles when it comes to the real world. Normal users who just want to play mobile games without having their contacts harvested and locations collected have much more control on iOS.
There’s just no reason why Android’s permission system should be so “take-it-or-leave it” unless you know about a secret settings screen. The web works like iOS — if a website wants to access your location, it has to ask. If it wants to access your microphone or webcam, it has to ask. You can choose to allow or deny any of these permissions and still continue using the website. It should work like this on Android, too.
Hopefully, Google will continue developing AppOps and make it available to normal Android users. For now, it’s just not true to say that Android has app permissions while iOS doesn’t — both operating systems have permission systems. And Apple’s solution is probably better for most people.