Ban on Chinese Mobile Apps: How to Protect Your Data & Privacy from Other Sneaky Apps
Few days ago, the Indian government banned 59 mobile apps originating with developers from China and also asked internet service providers (ISPs) and telecom operators to block access to these apps from the country. The Indian government says it received complaints against these apps for stealing and surreptitiously transmitting users' data in an unauthorised manner to servers which have locations outside India.
 
The statement from the ministry of electronics and information technology (MeitY) states: "The compilation of these data, their mining and profiling by elements hostile to national security and defence of India, which ultimately impinges upon the sovereignty and integrity of India, is a matter of very deep and immediate concern which requires emergency measures."
 
The apps banned include TikTok, WeChat and UC Browser and Xiaomi's Mi Community, among others. 
 
However, banning these 59 most prominent apps does not ensure that all your personal data is safe and that there is no invasion on your privacy. On the contrary, almost every app installed on the mobile device demands some or the other permission and access to personal data. 
 
Some permissions are necessary, such as a bank's authentic app may need access to your personal information to ascertain that it is indeed you who is accessing the app. However, as security experts have been pointing out, most apps installed on the device try getting permission for some totally irrelevant function or feature of the handset.
 
As I had explained in one of my articles last year, that a simple app like a flashlight (not many uses it due to built-in torch feature of smartphones) was found seeking as many as 25 permissions, on an average.
 
Any mobile app seeking more permissions than it needs is not only dangerous, but has the potential to harm the user either financially or through misusing personal data, thus violating user privacy. However, not many users even think twice before granting blanket permissions while installing an app. 
 
One of the common reasons I have come across from such users is "I have nothing to hide so why should I not grant these permissions?" Such 'lazy' reasoning shows the lack of understanding of the interconnected and greedy digital world that observes no boundaries. 
 
Apps can request outlandish permissions, but that does not mean that they carry out malicious activities, per se. Unfortunately, permission sought by mobile apps and granted by users is a grey area. Some apps that the user wants will not be installed if even a single permission is denied or some app may not work properly without those permissions. For example, the recently banned SHAREit app does not work without the user granting permission to access location data or contact list on the device. If you are transferring data locally from one device to other, why would you need to access location information and contacts?
 
Here is a small clarification. The app developer may not even require all the permissions sought by the app. Sometimes, the app developers integrate ad software development kits (SDKs) into their code to earn money from advertisers. To allow these SDKs to target users with ads, the apps request countless permissions.
 
The Arrka Privacy Lab from Arrka Infosec Pvt Ltd has explained the relation between app developer, SDK, increasing number of permissions required for an app to function and the risks it pose to user’s privacy. 
 
 
So far so good. However, in India, and anywhere across the world, people are not only using Chinese apps, they are using mobile devices too from brands with origin in that country. And many of these Chinese phones come bundled with pre-installed apps (known as bloatware) that cannot be uninstalled. At the most, the user can disable the app. 
 
But do remember, this is the same case with almost all the mobile phones sold. So either you will have to live with these pre-installed apps or disable them, irrespective of the mobile brand. 
 
Since the Indian government has banned 59 apps that come from developers in China, once these apps are removed from app stores, there will be no updates or upgrades. In addition, once ISPs and telcos block access to internet protocol (IP) addresses to these apps, the user will have no option but to stop using them. 
 
The question now is, how about other apps installed on your mobile device, its security and permissions? If you are using iPhone, then under privacy in the settings, you can check and decide allowing an app to access any particular service or feature. 
 
On Android phones, dangerous permissions sought by apps are categorised into nine groups. This includes, body sensors, calendar, camera, contacts, location, microphone, phone, SMS and storage. You need to go to privacy or permission from the settings. Do a thorough and proper check here and find out if that particular app indeed needs access to the group. 
 
As I stated earlier, the flashlight app does not need access to your body sensors, calendar, contacts, location, microphone, phone, SMS or even storage. So, you can safely deny these permissions. If the app works without these permissions, well and good. If it does not, then simply uninstall it as it would be dangerous for you and your personal data.
 
Mainly, do check the phone access sought by all apps. Permission for phone gives an app access to your phone number, cell network information, call status, voicemail, VoIP, and allows it to read and edit calling logs, and even redirect calls to another number. Any malicious app, if given this permission, could spy on your phone usage behaviour and even make calls without your knowledge or approval.  
 
So What Should You Do?
 
1. Before installing any mobile app, make it a habit to read about the app, and its reviews. Notice if reviewers’ comment on whether or not the app does what it says it will do.  
 
2. Check permissions that the app needs. Granting incorrect permissions can send sensitive data to cybercriminals, including information such as contacts stored on the device, media files and insights into personal chats. 
 
 3. Do read the privacy policies and terms and conditions of the app, as mentioned by the developer.
 
4. Find out more details of the developer from the play store. Also visit the website of the developer and search for more information about the app and its developer. 
 
5. Install a trustworthy anti-virus app, which acts as a safety net, and can identify apps that are infected with adware or malware.
 
6. Feel like a royal while using your mobile, but be extra alert while granting permission to any app. 
 
7. Be alert and cautious every time you use your mobile devices. It will save your personal data and privacy. 
 
  • Like this story? Get our top stories by email.

    User 

    COMMENTS

    Dilip Modi

    4 weeks ago

    Yogeshji, thank you for the advice with such clarity . I just wonder if it is possible to prepare a chart of of some 20 -30 basic apps and against each, list what permissions are considered necessary. This may give a reasonable guide to the users what to allow, what to deny. Alternatively can play Store, etc be asked to provide some guidance as to what permissions will be necessary for use of the app in question?

    ramchandranashok

    4 weeks ago

    I had always been wondering why SHARE IT failed to work on my mobile whereas it was efficient on other mobiles. Now I understand that it has been due to my restricting certain permissions which I found irrelevant to its actual functions. Thanks a lot for clearing this matter since we all thought that my mobile was malfunctioning irreparably

    Ramesh Popat

    1 month ago

    good information!

    kvrao42004

    1 month ago

    Which is a trustworthy antivirus app?Can the writer suggest?

    SC to ICAI: Don't be rigid, show some concern for students
    The Supreme Court on Monday told the Institute of Chartered Accountants of India (ICAI) to be flexible and consider allowing students to opt out of the exams amid the Covid-19 pandemic.
     
    A bench of Justices AM Khanwilkar, Dinesh Maheshwari, and Sanjiv Khanna took up the matter through videoconference and told ICAI during the hearing: "Don't be rigid, be flexible. Show some concern for the students." The ICAI counsel sought time to issue fresh guidelines in connection with the current cycle of the CA exams slated this year. 
     
    The bench noted that the option to change examination centres should be made available to students/candidates to help avoid travelling, and that things cannot be rigid as the coronavirus situation in India is still evolving.
     
    The ICAI counsel contended that it has 567 test centres that are properly sanitised, and that it cannot change the exam centres now. 
     
    In response, the bench said that the option to change the test centre should be available in case a particular area becomes a containment zone. "This option should be kept open till the last week as the situation is not static. It is dynamic," noted the bench. 
     
    The ICAI counsel argued that a standard operating procedure is in place, and the authorities will shift the exam centre in case there is a containment zone.
     
    The bench asked ICAI that if a candidate in a containment zone is forced to appear in an exam only in November, could it be counted as appearance in July. 
     
    The ICAI counsel said that the concerns of the petitioner are "unfounded" in connection with the opt-out option and the ICAI was bound by the Chartered Accountants Act.
     
    The ICAI counsel also submitted that if a candidate sends an email saying he/she is unable to sit in the exam due to Covid-19, it will not be questioned. "It is a group of 4-4. They can choose to appear at a later date if they are Covid-19 affected," the ICAI counsel maintained. 
     
    ICAI general secretary Rakesh Sehgal submitted before the top court that they will permit an "opt-out" to all candidates wherever the situation has deteriorated, and the only difficulty is in the change of exam centres.
     
    The bench said that whatever notification ICAI issues must clarify about the opt-out option. "You are a professional body. Must take care of your candidates. There could be a case where one candidate is appearing in two sets of papers," said the bench.
     
    The bench then asked ICAI to issue fresh guidelines by incorporating the suggestions made and posted the matter for further hearing on July 2. 
     
    "The ICAI counsel may take instructions and file the modified draft notification setting out the changes," said the top court.
     
    The India Wide Parents Association had filed a PIL in the Supreme Court to seek quashing of a ICAI notification in order to allow CA aspirants to opt out of the exams to be held this year.
     
    Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.
  • Like this story? Get our top stories by email.

    User 

    Google Sued in US over Claims of Illegal Location Tracking
    In a lawsuit filed against Google, the US state of Arizona Attorney General Mark Brnovich has alleged that the search engine giant violated privacy of Android users by tracking their location without their proper consent, The Washington Post reported.
     
    For certain features, like weather and Chrome browser, Google allowed location tracking to run in the background despite users switching off app-specific location tracking, the suit alleged.
     
    "At some point, people or companies that have a lot of money think they can do whatever the hell they want to do, and feel like they are above the law," Mr Brnovich was quoted as saying by The Post in an interview reported on Wednesday.
     
    "I wanted Google to get the message that Arizona has a state consumer fraud act. They may be the most innovative company in the world, but that doesn't mean they're above the law."
     
    The Arizona Attorney General wants Google to pay back the residents profits the company might have earned from monetizing their data.
     
    "The Attorney General and the contingency fee lawyers filing this lawsuit appear to have mischaracterized our services," a Google spokesperson told The Verge.
     
    "We have always built privacy features into our products and provided robust controls for location data. We look forward to setting the record straight," the spokesperson added.
     
    Technology giants, including Google, have faced allegations of user privacy violations on many occasions, prompting politicians in the US to talk of stricter regulations and even breaking up 'Big Tech'.
     
    Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.
  • Like this story? Get our top stories by email.

    User 

    We are listening!

    Solve the equation and enter in the Captcha field.
      Loading...
    Close

    To continue


    Please
    Sign Up or Sign In
    with

    Email
    Close

    To continue


    Please
    Sign Up or Sign In
    with

    Email

    BUY NOW

    online financial advisory
    Pathbreakers
    Pathbreakers 1 & Pathbreakers 2 contain deep insights, unknown facts and captivating events in the life of 51 top achievers, in their own words.
    online financia advisory
    The Scam
    24 Year Of The Scam: The Perennial Bestseller, reads like a Thriller!
    Moneylife Online Magazine
    Fiercely independent and pro-consumer information on personal finance
    financial magazines online
    Stockletters in 3 Flavours
    Outstanding research that beats mutual funds year after year
    financial magazines in india
    MAS: Complete Online Financial Advisory
    (Includes Moneylife Online Magazine)
    FREE: Your Complete Family Record Book
    Keep all the Personal and Financial Details of You & Your Family. In One Place So That`s Its Easy for Anyone to Find Anytime
    We promise not to share your email id with anyone