Elternguide.online

To edit photos, make voice calls or send messages, apps need access rights to the camera, pictures, microphone or contacts. Most of the time, these permissions make sense to be able to use the apps fully. Sometimes it is not clear for what purpose apps want to access personal data. To help you review app permissions with your child, we’ll take a closer look at selected permission types in this article.

Camera

Here’s how this permission works: Apps are allowed access to the smartphone’s or tablet’s built-in cameras to take photos and videos.

These apps need access to the camera, for example:

Messenger and social media: Apps for taking photos and (live) videos directly in the application as with WhatsApp , BeReal or Instagram .
Communication: Apps with video telephony option like Signal or Skype.
Scanning: Apps for recognizing QR codes and barcodes.
Augmented reality: Apps that superimpose additional elements on the camera image using AR technology, such as Pokémon GO .
Filter apps: Apps for creatively editing your own face, such as face filters.

Here this function is optional:

Photo and video editing: Apps for creative editing of photos and videos. The image memory can also be used here.
Unlock: A smartphone can be unlocked using facial recognition. It is safer to use a code or fingerprint, as facial recognition can be fooled by a photo held in front of the camera.

This risk must be taken into account:

There is a risk that apps with access to the camera will be used to record users unintentionally. To prevent this, you can attach a cover with a slider to the camera lens, for example.

Microphone

This is how this permission works: Apps are allowed access to the microphone integrated in the smartphone.

These apps need access to the microphone, for example:

Communication: Apps for making phone calls, video conferencing or sending voice messages such as WhatsApp or Zoom.
Voice assistance: for entertaining with assistance systems such as Alexa, Siri and Co.
Audio recognition: Apps for the identification of bird calls like Birdnet or songs like Shazam.
Audio and video production: Audio apps for recording voice memos and radio plays, and video apps for dubbing videos and animated films.
Measure sound levels and tune musical instruments: Apps to control the volume or pitch.

Here this function is optional:

Voice control: Apps like Google Maps or search engines offer the option of entering commands verbally. The alternative is to submit it in writing.

This risk must be taken into account:

Apps that are allowed to access a device’s microphone can use this feature to listen in. Conversations, sounds from TV and radio, or music – there are apps that eavesdrop on their users around the clock and analyze them for keywords. The data is used for personalized advertising or resold for unclear purposes. Consent to this is done by agreeing to the terms of use when downloading the app. For interception, many services use a technology from the manufacturer Alphonso. If you search for it in the App Store or Play Store, you will find all apps that use this software. How exactly you can protect yourself from eavesdropping is explained by MDR in a Brisant feature.

Contacts

This is how this permission works: Apps can access, modify, forward, and delete stored contact data, as well as search for specific contacts. You receive information about which contact is contacted, when, for how long and via which communication channel.

These apps require access to the contacts, for example:

Communication: Apps for making calls and sending messages like WhatsApp or Threema . With most messengers, access to contacts can be denied and the app still remains functional. The chat list will then only contain the phone numbers and not the names of the contacts.
Social Media: Apps for networking and connecting like BeReal or TikTok .

Here this function is optional:

Navigation and journey planner: Apps for finding the fastest way to the address of a saved contact.

This risk must be taken into account:

Apps that are allowed to access a device’s contact list can use this feature to collect personal data and analyze contact associations. This means that by accessing contacts, apps collect data from uninvolved people who do not have messenger or social media apps installed themselves. Be aware that your handling of personal data also affects third parties, namely your contacts.

Other permissions

You should also carefully review the following authorization types:

– the location , for example to use navigation apps

– the telephone, for example to call contacts

– The SMS, for example, to send a code for two-factor authentication.

– the calendar, for example to send appointment invitations

– the memory, for example to edit already created pictures and videos

A detailed list of all permission types of Android devices is provided by the AppChecker of the iRights.

What should parents pay attention to?

Explain to your child what app permissions are, how to set them and how to check them. Encourage your child to use their data sparingly and to protect it. Educate yourself together with your child before installing an app:

Do we really need the app?
Who is the app provider?
How many downloads does the app have and what are the user comments?
What does the app’s terms of use say?
How is the app positioned in terms of data protection?
What permissions does the app ask for?
Which of these would I need to agree to in order to use the app for my purposes?
Are all authorizations traceable?

If you or your child have granted an authorization that you do not use or are critical of, you can cancel the authorization at any time. See the article on app permissions for instructions on Android and Apple device settings.