Android privacy models
Proposed opt-in permissions model
Current opt-out permissions model
Sys config
App installation
App config
Run-time privacy model
Error, possibly FC
Error, possibly FC
Set global default permissions
(applied to all apps)
App received real data
App is allowed this data?
App requests data
Optional opt-in:
Grant real private data access
App installed
Install app
Yes
Permission revoked?
App received data
App requests data
Optional opt-out:
Revoke permissions
App installed
Grant all permissions?
Install app
Yes
No
Yes
Mock data possible?
App received fake (mock) data
Not installed
No
No
Yes