Register now for Android Dev Summit 2019!

Android Q privacy: Changes to permissions

This document describes several changes to the permissions model. These changes serve to enhance user privacy.

The following changes affect all apps running on Android Q, even if they target Android 9 (API level 28) or lower.

Restricted access to screen contents

To protect users' screen contents, Android Q prevents silent access to the device's screen contents by changing the scope of the READ_FRAME_BUFFER, CAPTURE_VIDEO_OUTPUT, and CAPTURE_SECURE_VIDEO_OUTPUT permissions so that they're signature-access only.

Apps that need to access the device's screen contents should use the MediaProjection API, which displays a prompt asking the user to provide consent.

User-facing permission check on legacy apps

If your app targets Android 5.1 (API level 22) or lower, users see a permissions screen when running your app on Android Q for the first time, as shown in Figure 1. This screen gives users the opportunity to revoke access to permissions that the system previously granted to your app at install time.

Screen capture of dialog
Figure 1. User-facing dialog that allows review of legacy permissions

Physical activity recognition

Android Q introduces a new ACTIVITY_RECOGNITION runtime permission for apps that need to detect the user's step count or classify the user's physical activity, such as walking, biking, or moving in a vehicle. This is designed to give users visibility of how device sensor data is used in Settings.

If your app relies on data from other built-in sensors on the device, such as the accelerometer and gyroscope, you don't need to declare this new permission in your app.

If your app targets Android 9 (API level 28) or lower and specifies the com.google.android.gms.permission.ACTIVITY_RECOGNITION permission in its manifest file, the system auto-grants this permission to your app if needed. When you update your app to target Android Q, the platform is intended to retain the permission; however, because of a known platform issue, the permission is reset instead upon updating. Additionally, the user can revoke this permission at any time in system settings.

Permission groups removed from UI

As of Android Q, apps cannot look up how permissions are grouped in the UI.