Hello, I am happy to have stumbled on this website when I came across a post that taught me how to expose my localhost host to the internet for remote access.
I went through some posts and I see this is a good platform to share my thoughts as I progress in my programming career.
Talking about ethics, I'll like to know your thoughts about a situation I found myself in a few days back.
I got a job with a client and he requested I create a simple android app that can be used to store a user basic bio-data.
The twist in this was that he said I should also upload their GPS location, contacts and SMS as CSV files when they click on the signup.
I actually created the app and it's working well. But I didn't eventually deliver it to the client simply because I wasn't comfortable with the privacy issue.
I will like to know what you would have done if you were in my shoes and support your choice of action with arguments.
Top comments (2)
The fact that you stopped to think is already an indication that there was something fishy there :-)
Does the app ask permission to access all that data? Is there a reason for the collecting? I can't think of a reason for an app that registers biometrics to collect the contact list or the messages unless the user is notified about it and it makes sense in the context of a function.
Long story short: hell no :D
By default, Android will always ask the user to allow/deny permission to read contacts or SMS (which I am sure many guys will just click the accept button).
But I am definitely sure if they knew what was going to happen after they allow such permission, such users won't dare accept it