Apps to stop monitoring user activity, says Android

New software with less paranoia

The release of Google’s latest operating system brings minimalist design updates for Android users, including a focus on privacy that will forbid apps from tracking activity.

Android P, unveiled at Google’s annual developers conference on Tuesday, will restrict apps from gaining unrestricted access to seeing what an individual does online.

Under previous Android versions, apps given permission to access information such as a device’s location, camera, and microphone were able to use these data indicators outside of the app’s original purpose.

This meant that an app could theoretically – and most probably – monitor when a user connects to the internet and determine where they are online through TCP/UDP, which is how data is transferred.

The content of a user’s activity could not be seen, but the data is still useful for targeted advertising, for instance.

XDA Developers, open-source mobile software researchers, first pointed out the change in a blog post written by Mishaal Rahman.

He said: “There’s currently no restriction on apps accessing /proc/net, which means they can read from here (especially the TCP and UDP files) to parse your device’s network activity. You can install a terminal app on your phone and enter cat /proc/net/udp to see for yourself.”

Rahman added: “But thanks to new changes coming to Android’s SELinux rules, access to some of this information will be restricted.

“In particular, the change applies to the SELinux rules of Android P and it means that only designated VPN apps can get access to some of these files.”

No more bad apples

Google doesn’t appear to be the only one reeling in this long-held surveillance power of apps on smart devices.

Apple has also started to crack down on apps that share location data with third parties by reportedly removing them from its App Store and referring developers to the company’s best practice guidelines.

This tightening of rules for app developers comes as the EU's General Data Protection Regulation (GDPR) is set to come into force later this month.