Earlier this week, it was uncovered that iOS apps had a glitch that gave app developers access to users’ photos once they allow an app to access their location information. Now a new investigation launched by the NY Times has discovered that a similar snooping can happen on Android, where third-party developers also have access to users’ photos without explicitly asking for permission.
However, the situation may be worse on Android because any app on the platform that has the right to connect to the Internet, can access a device’s photos and upload them to a remote server without any notice or permission requirements. It’s not clear if any current Android apps are actually doing this, but the capability to do so is there.
But according to Google, this feature on Android was intentional and a relic from when images were more commonly stored on SD cards. The Android photo file system was originally designed to be similar to other computing platforms like Windows and Mac OS, but as phones and tablets have evolved to rely more on built-in non-removable memory, the company says it will have to take another look at this.
Apple hasn’t commented on the issue yet, but tips suggest that the company is already working on the fix. Google says it’s “considering” a fix, but with all the privacy issues its been faced with as of late, it had better just nip this one in the bud swiftly.