A few days ago, EFF’s Deeplinks blog (highly recommended for those who care about privacy and the government snooping epidemic) reported on a crucial addition to Android 4.3 that finally offered users some privacy by allowing them to install an app while controlling or even blocking that app’s attempts to collect data (like the ever-present message seen on iPhones that “AppXYZ wants access to your contacts/email/firstborn child”).  Now, Google has removed this addition in Android 4.4.2, claiming that it was a “mistake” to put those privacy fixes in the previous version.  In other words, “All your privacy are belong to us.”

When asked for comment, Google told us that the feature had only ever been released by accident — that it was experimental, and that it could break some of the apps policed by it. We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it.Many instances of apps “breaking” when they are denied the ability to collect data like a location or an address book or an IMEI number can easily be fixed by, for instance, giving them back a fake location, an empty address book, or an IMEI number of all zeroes. Alternatively, Google could document for developers that these API calls may fail for privacy reasons. A good hybrid would be to use fake data for old versions of the Android API and cleanly defined Java exceptions in the next API level. As with many other changes that occur across Android devices and Android versions, some app developers might have to do minor updates to keep up.

The kicker is that if a user chooses not to upgrade to Android 4.4.2, they are vulnerable to security problems and denial-of-service attacks.  Choose your poison, Android users: leaky security, or apps demanding network access and specific user data/location when they don’t need it?  (Do flashlight apps, games, and music apps really need to know where you are?)

In related news:

A major Microsoft engineer specializing in “augmented reality, mapping, wearable computing and natural user interfaces” has gone over to Google.  Meanwhile, Google has also purchased Boston Robotics—a military robot manufacturer.

Let’s recap: Google said way back in the first days of Snowden leaks that “oh my goodness, we had no idea.  How awful for you folks.”  Since then, they’ve been busted knowing about it, doing it, and not really caring about any of it.  Google now owns a military robot company, and a brilliant engineer who works on that sort of thing. Android users get to bite it too.  Good job, Google.