Let’s take a look at what’s going on here. First off, Google Keyboard has access to your own contact card, and accounts on your device. This means it has the ability to know who you are, and all of the Email (and other) accounts you have available on your device. That means it’s possible for them to see what Google/Dropbox/ Twitter/Microsoft Exchange/Facebook accounts you have available on your phone. I have absolutely no idea why this is needed, nor why people are willing to give this information over.
Next up, the app can read your contacts. That’s fair enough–Google obviously want to add your contact names to the spell-checker and auto-complete databases. This makes sense, and is something justifiable for a keyboard. The ability to modify or delete the contents of USB storage is somewhat strange, but while it does allow access to all your data stored on your “SD card,” there’s unfortunately no real way to do this in any more granular way. Ideally, Google would only use the secure /data/data storage, and therefore wouldn’t need this. Alternatively, they could use ASEC containers to transparently get more storage space on your SD card, without requiring any access to your persona files on the SD card.
The ability to download files without notification is where it starts to get properly concerning – note that these permissions are tucked away at the bottom of the list, so you must scroll to reach them. Quite why a keyboard needs the ability to not just download files, but do so without telling the user, certainly is worrying. How much data does it really need to download without telling you?
The ability to run at startup is fine. That’s something you would reasonably expect from a keyboard application. On the other hand, tucked away, immediately after perhaps the most innocuous permission, is the most invasive: full Internet access.
Yes, that’s right, Google Keyboard has full and unfettered access to the Internet, as well as your keystrokes, and contacts, and SD card contents, and identity. And our permissions list immediately jumps into saying that Google Keyboard can harmlessly use your keyboard. Anyone think there’s a little bit of “hiding” the nasty permissions going on here?
The next two permissions are innocuous, and allow access to the user’s custom dictionary—again, totally expected from a keyboard application. Finally, the permission to view network connections is requested. I once again cannot offer any insight as to why there’s a need for this, other than to facilitate the other existing permissions for accessing the Internet without your knowledge.
As a keyboard, Google’s offering is ironically rather well-endowed with permissions. Indeed, at this point, I thought it would be difficult to find a keyboard with even less regard for user privacy in its selection of permissions. Unfortunately, I was wrong.