Google removes an undocumented App Ops control panel from its latest release, Android 4.4.2, that had let users choose which app permissions to enable.

Google, in its Android 4.4.2 release every week ago, removed an undocumented, experimental privacy control panel that were released inadvertently in July as part Android 4.3.

The control panel, called App Ops, allowed Android users to disclaim the provision of selected permissions in an app. Though it was not accessible to users without some technical knowledge, it was immediately noticed and made available through Android apps that provided shortcuts to the hidden interface.

App Ops turns Android’s permission model on its head. As opposed to allowing the developer to offer an inventory of requested (and customarily necessary) permissions to the user for all-or-nothing approval, the control panel allowed users to disable certain permissions while leaving others in place.

In a blog post Wednesday, Peter Eckersley, technical projects director on the Electronic Frontier Foundation, praised App Ops Launcher, a 3rd-party shortcut app to App Ops, as “an important advance in Android privacy.” He lauded the Android engineers for “giving users more control of the info that others can snatch from their pockets.”

[ Android phone acting strange? Better read this: Android Security: 8 Signs Hackers Own Your Smartphone. ]

Upon learning that Google’s most modern Android update had eliminated the prestigious feature, Eckersley reported that Google said the feature were released “accidentally” and have been withdrawn since it could break some apps. “We’re suspicious of this explanation, and don’t think that it in anyway justifies removing the feature in place of improving it,” he said in a second blog post.

When asked to clarify the placement, Google declined to comment.

This isn’t the first time experimental code has come again to haunt Google. In 2010, when it disclosed that it were inadvertently collecting WiFi payload data through its Street View cars, Alan Eustace, senior vp of engineering and research, attributed the lapse to experimental WiFi data-gathering code that were added to a project designed to gather a narrower, less sensitive set of knowledge about WiFi network characteristics. To handle the difficulty, Google conducted an internal review of its procedures “making sure that our controls are sufficiently robust to deal with these types of problems at some point.”

Perhaps Google’s explanation can be less subject to suspicion if the corporate said that the incomplete software have been accidentally discovered, instead of accidentally released. That shifts the scenario from inattentive engineers to wily users.

Giving users control over an app’s ability to access location data and speak to data, to post notifications, to take advantage of the camera, etc might need privacy benefits, but doing so also raises issues about where user rights start interfering with developer rights. Should app users have a great way to disclaim, say, location data to a game designed to depend upon it, like Google’s Ingress, thereby rejecting the take-it-or-leave-it permissions request presented by the app maker? There are other issues, too, akin to potential increased support costs when users revoke a vital permission after which seek assistance to revive their no-longer-functional app.

Google needed to confront this issue in AdBlock Plus, which it banned from Google Play for interfering with the functioning of different mobile apps. App alterations, whether or not they aim to dam ads, revoke permissions, inject data, or alter an interface, often might be accomplished by the technically skilled. Usually, this is not a controversy. But if it becomes simple enough for anyone to do, and it presents problems for developers or platform owners, you could expect some friction.

Coincidentally, the software engineers engaged on Google+ may need already get a hold of a solution within the variety of incremental authentication, a more granular solution to permissions. Android engineers, understand.

Thomas Claburn is editor-at-large for InformationWeek. He was writing about business and technology since 1996 for publications corresponding to New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. He’s the writer of a science fiction novel, Reflecting Fires, and his mobile game Blocfall Free is accessible for iOS, Android, and Kindle Fire.

IT groups need data analytics software that’s visual and accessible. Vendors have become the message. Also within the State Of Analytics issue of InformationWeek: SAP CEO envisions a younger, greener, cloudier company (free registration required).

More Insights