Typically, types of permissions cover functions that may have privacy implications, such as the ability to access a device's hardware features (including the camera and microphone), and personal data (such as storage devices, contacts lists, and the user's present geographical location).
[3] Usage of permissions on Android are sometimes abused by app developers to gather personal information and deliver advertising; in particular, apps for using a phone's camera flash as a flashlight (which have grown largely redundant due to the integration of such functionality at the system level on later versions of Android) have been known to require a large array of unnecessary permissions beyond what is actually needed for the stated functionality.
iOS imposes a similar requirement for permissions to be granted at runtime, with particular controls offered for enabling of Bluetooth, Wi-Fi, and location tracking.
The permission mechanism has been widely criticized by researchers for several reasons, including; Some apps, such as XPrivacy and Mockdroid[19] spoof data in order to act as a measure for privacy.
Further transparency methods include longitudinal behavioural profiling and multiple-source privacy analysis of app data access.