Google Overhauls Android Contact Permissions in Major Privacy Shift
AI-generated from multiple sources. Verify before acting on this reporting.
SAN FRANCISCO — Google on Monday introduced a new Contact Picker feature in Android 17, fundamentally changing how mobile applications access user contact data. The update replaces the longstanding all-or-nothing READ_CONTACTS permission, allowing users to grant apps access to specific individuals rather than their entire address book.
The change marks a significant departure from the previous security model, which required users to approve blanket access to their full contact list or deny the request entirely. Under the new system, when an application requests contact information, users will be presented with a selection interface to choose specific contacts to share. This granular control aims to prevent apps from harvesting entire contact lists to map social networks or build user profiles without explicit consent for each entry.
The feature is being rolled out globally as part of the Android 17 operating system update. Google stated the move is designed to enhance user privacy and provide greater transparency regarding data sharing. The company noted that the previous permission model often led to unnecessary data collection, as users frequently granted full access to avoid losing functionality in messaging, social media, or utility applications.
Industry analysts have noted that the shift places stricter boundaries on third-party developers who rely on contact data for features such as friend suggestions, group messaging, and social graph analysis. While the new system empowers users, it may require developers to adjust their application architectures to handle partial data sets rather than comprehensive lists.
The update comes amid growing regulatory scrutiny over mobile data practices and increasing consumer awareness regarding digital privacy. Privacy advocates have long criticized the binary nature of the READ_CONTACTS permission, arguing it forced users into a choice between privacy and functionality. The new Contact Picker addresses this concern by decoupling access from the entire database.
Google has not specified whether the new permission model will be applied retroactively to existing applications or if it will be limited to new installations and updates. Developers will need to integrate the new picker interface into their applications to utilize the granular access features. Older applications that continue to request the legacy READ_CONTACTS permission may still receive full access if users grant the request, though the system is expected to encourage migration to the new standard.
Questions remain regarding how the feature will perform in real-world scenarios and whether users will actively utilize the granular selection tool or default to granting broad access for convenience. The long-term impact on data brokerage and social network mapping remains to be seen as the feature becomes standard across the Android ecosystem.