You may have secured your computer using an Internet security Application, and you may have secured your wireless network, but what about your mobile phone?

A recent item on the BBC News website (Google Android Apps found to be sharing data) rang alarm bells for us. According to research, apps which run on Android don’t always behave as you’d expect. A study by US researchers discovered that a large proportion of the Android apps they tested do not tell users what is done with data they gather.

Of the 30 apps they tested,

“… 15 of them sent location information to advertisers but did not inform users that data was being shared with those firms. Some apps gathered and despatched location information even when an application was not running and some sent updates every 30 seconds”.

This is very similar to the spyware which ends up on our computers. The study also found that,

“… seven of the apps shared unique identifiers, known as IMEI numbers, when sending data. Others despatched phone numbers or SIM card serial numbers.”

The Android Permission System is rather basic, and although most apps do ask for permission to gather information, they don’t do enough to explain exactly where the data will be sent and how it might be used.

This is something Google should seriously consider tackling. Without going to the extreme of vetting all applications in the way Apple do for the iPhone, there needs to be safeguards built into Android itself. Only in this way can people be protected from unscrupulous application authors.

Unfortunately, Google don’t seem to be taking a responsible stance on this issue. They have said:

“We consistently advise users to only install apps they trust.”

But Mr Google, how can we possibly know which ones we can trust, and which we can’t?

The study’s authors say Android’s permission system effectively means users have to “blindly trust” the applications they install.

Mobile security analyst Nigel Stanley from Bloor Research said of the loose permission system,

“The blanket permissions a user gives on installing an app can give carte blanche to malware and spyware providers to collect as much private data as they want, under the protective nicety of a simplistic warning from the operating system.”

So next time you install an Android app, think very carefully about the permissions you give it. And if in doubt, check with the authors about exactly what data they collect and what happens to it – if they’re not open and honest about it when you ask, should you be trusting their Android app?