India’s telecom regulator TRAI recently launched an app for collecting feedback regarding call quality straight from users and a different app for testing data download speeds directly from users, as well as a Do No Disturb (DND) app for filtering spam. However, while taking a closer look at the Android permissions requested by TRAI’s apps, there are requests made for accessing sensitive information like location, contacts, call logs and even for re-routing outgoing calls. Although some risky permissions might be required for running the app (like location, call logs, etc.), TRAI does not mention whether it stores sensitive data on its servers or internally within users devices. It, however, does mention that submitting a feedback via the app is not equal to registering a complaint. “The (speed test) app does not send any personal user information. All results are reported anonymously,” added TRAI. But in particular instances, there is no explanation as to why an app requires sensitive permissions. For e.g. the MyCall app which helps fetch feedback from users on call quality, requests permissions to read my contacts. TRAI says that all data submitted to it will be anonymous, but silently accessing contact information of its app users is not justified. While TRAI does not make any mention on why it requires contact details for measuring call quality. Secondly, all the apps released by TRAI requests access to my ‘device ID and identify’ which can be used to track phone number of the device itself. This again contradicts TRAI earlier…
