Many unscrupulous mobile-app developers keep finding ways to bypass user's settings, regulations, and privacy-enhancing features of the operating system, in order to gather as much private data as they possibly can.The apps gather information such as location, even after owners explicitly say no.
Thus, we can't trust rules against spying. What we can trust is having control over the software we run.
"Fundamentally, consumers have very few tools and cues that they can use to reasonably control their privacy and make decisions about it,"
Permissions on Android apps are intended to be gatekeepers for how much data your device gives up. If you don't want a flashlight app to be able to read through your call logs, you should be able to deny that access. But even when you say no, many apps find a way around: Researchers discovered more than 1,000 apps that skirted restrictions, allowing them to gather precise geolocation data and phone identifiers behind your back.
Researchers from the International Computer Science Institute found up to 1,325 Android apps that were gathering data from devices even after people explicitly denied them permission.
The study looked at more than 88,000 apps from the Google Play store, tracking how data transferred from the apps when they were denied permissions. The 1,325 apps that violated permissions on Android used workarounds hidden in its code that would take personal data from sources like Wi-Fi connections and metadata stored in photos.