Latest Pandora Radio Security Permissions Leaves Listeners Puzzled

Pandora Radio, one of the most popular streaming music options out there, recently updated their Android application.  While updates are nothing new, the access the app requested left Pandora fans on Android wondering and quite puzzled.  Previously when installing updates, Pandora listeners were asked to grant the app internet access only.  Now in addition to the internet access, listeners are ask to grant the app access to contacts, something which leaves all of us a little confused.  At first glance, I thought that perhaps Pandora needed access to this for song sharing, but I really wasn’t sure. Time for a little Android Guy investigation.

In order to dig deeper we at Android Guys reached out for a statement from Pandora.  We asked why they needed access to a users contacts.  See their response below:

“We request contact access so sharing songs can be quick and simple.  When someone is listening to a song they like and want to share, that access enables us to immediately display their contact list so listeners can pick the friend(s) to whom they want to send that song.   That’s the sole purpose of the access request.  We don’t store, or save anyone’s contact book information, or access it for any other reason at any other time: we just access it for people in that specific instance.

We’re not able to make that explanation on the Android OS screen when it asks for permissions,  so it comes up as you noted below and can seem startling.   I’m glad to have this opportunity to clarify to Android users that the request for access is for the very basic reason: to make for an easier sharing experience that contributes to a more robust Pandora experience.  Thank you.”

While this response is honest enough, we should always remember that Android is an open platform, so there’s no walled garden protecting users from questionable practices. The benefit of having a phone that provides more freedom with apps means that you also have to take on the responsibility of policing your device. Always read the permissions before installing and think about why certain apps make certain requests. Whether it is Pandora or some random third party app, always keep an eye out.


About author

AndroidGuys
AndroidGuys 4629 posts

Founded on November 5, 2007, we've enjoyed bringing you the latest in Android news and rumors. Updated daily, we strive to deliver reviews, opinions, and updates on all things related to Android.

You might also like

News and Rumors

Qik Details Premium Features for EVO 4G

So you’ve probably heard over the last few weeks that Qik was going to be charging for some new, premium services now that the EVO 4G is out. Qik passed

News and Rumors

Verizon schedules Galaxy S III Jelly Bean update for December 14

Verizon today announced that the Android 4.1 Jelly Bean update will be available December 14. Those who own this particular device can manually download the update which also includes some

News and Rumors

Onavo Count 2.0 debuts with new UI, comparative data, and more

Need to get a better handle on which of your apps are helping to blow through your allotted monthly data plan? Sure, you could use the stuff that’s built into

12 Comments

  1. Jeff
    August 16, 20:13 Reply

    An enhancement request was submitted to add an optional description to the uses-permission manifest attribute. This description could provide a better explanation as to why an app is requesting the security permission. Unfortunately, this has yet to be accepted.

    http://code.google.com/p/android/issues/detail?id=5392

    • tooltamer
      August 17, 10:38 Reply

      your a tool…”retweeting”..your sucha tool

  2. Pretbek
    August 17, 04:02 Reply

    There are some other apps out there asking strange permissons. Like the AP news app, it also need 100% acces. No explenations for any of these permissons, if they would restrict dev’s to give them, it would leve us less wondering and more aware of things. :)

  3. String
    August 17, 04:45 Reply

    It would help a lot if the Market gave devs the opportunity to explain WHY we are asking for various permissions. Like Pandora, we often have a good reason, but it’s not immediately obvious. If you agree, please go star this issue in the official Android bug tracker:
    http://code.google.com/p/android/issues/detail?id=5392

    Devs should also explain their use of permissions on the website associated with their app, although few users go look there, unfortunately.

  4. Meko
    August 17, 07:41 Reply

    Thank you for following up on this. I wish when installing apps, there was an easier way to verify WHAT the permissions are needed for and not just what permissions you’re granting.

  5. mrchnd
    August 17, 08:27 Reply

    This is good, we need more folks to look into app permissions and call the devs on them.

  6. Vince
    December 22, 14:50 Reply

    See, it’s ok, as in iPhone, to have some control over apps. not only are they ALOT better, but safer for everyone! take some pointers Droid market…police your apps, make the BETTER and all will be fine, really, it’s ok.

  7. Matt
    January 28, 12:24 Reply

    My concern still is people can say all day this is what the permission is being used for but then still use the information any way they feel like….i dont believe in completely policing the android market, but I believe maybe in order to publish an app that requires more sensitive permissions the author should have to sign some legal agreement that if they get caught misusing private information they are held accountable….apps without needing such serious permissions are still free to be made by anyone and could publish no problem

    • arth
      January 25, 22:34 Reply

      The permission being abused seems to be exactly what’s happened with Pandora.  They now appears to have started e-mailing users found in the Android address book without request from the Android user. I received such an e-mail myself, “on behalf of” a user who would never ever share what he or she listened to, and especially not with me.

Leave a Reply