I installed a few new apps on my Android phone and realized they’re asking for way more permissions than I’m comfortable with, like location and microphone access. I’m worried about privacy but I don’t want to delete the apps if I can just limit what they can access. Can someone explain, step by step, how to change or revoke specific app permissions on Android, and if there are any settings I should double-check to stay more secure?
On modern Android you have a lot of control over this, no need to delete the apps right away.
Here is what you do:
- Open Settings.
- Tap “Apps” or “Apps & notifications”.
- Tap “See all apps” if you need to.
- Pick the app you worry about.
- Tap “Permissions”.
You will see categories like Location, Microphone, Camera, Contacts, Files and media.
For each one:
• Tap it, then choose:
– “Allow only while using the app” for stuff that makes sense, like maps using Location.
– “Ask every time” if you want to control it each use.
– “Don’t allow” if you do not trust it or the feature is not needed.
If you are on Android 12 or newer, you also get:
• “Approximate location” so it gets rough location instead of precise GPS.
• Mic and camera quick toggles in the quick settings panel. Swipe down twice from top, you should see Mic and Camera switches. Turn them off when you want hard blocking for all apps.
To see everything that has access:
- Settings → Privacy → Permission manager.
- Tap a permission type, like Location or Microphone.
- Review which apps are in “Allowed” and “Not allowed”.
- Tap any app in there and change it.
Some tips:
• Messaging apps often ask for Contacts and Storage. You can deny Contacts and still type numbers manually.
• Flashlight or simple utility apps do not need Location, Phone, or Contacts. Deny those.
• If an app breaks after you deny a permission, turn it back on only for what it needs. For example, a camera app needs Camera and sometimes Microphone, but not Contacts.
Also check:
Settings → Security & privacy → “Privacy dashboard” or similar. That shows recent access to Location, Mic, Camera, and lets you tap through to adjust.
If you worry about background tracking:
• For Location, avoid “Allow all the time” except for apps that must track, like a fitness tracker.
• For older Android versions, some apps still get more access than they should. Updating to a newer Android version helps a lot.
Last thing, if an app behaves suspiciously after you lock down permissions, uninstalling it is safer. If the dev asks for too much, there is often an alternative app with fewer permissions in Play Store.
Couple extra angles to add on top of what @yozora already laid out.
-
Start from the “nuclear view” instead of per‑app
Instead of going app by app first, flip it around:
Settings → Privacy → Permission manager (or just search “Permission manager” in Settings).
Check Location, Microphone, Camera, etc. and revoke first, then fix what breaks.
It’s slightly harsher than what yozora suggested, but it’s the fastest way to see who’s been overreaching. -
Auto‑reset unused apps
On Android 11+ there’s usually a setting like:
Settings → Apps → Unused apps (or “Permissions auto‑reset”).
Turn that on. Android will automatically yank sensitive permissions from apps you don’t open for a while, so old junk can’t quietly sit there with mic or location forever. -
Block “draw over other apps” and “install unknown apps”
These are under:
Settings → Apps → Special app access.
Check:
- Display over other apps
- Install unknown apps
- Modify system settings
If a random flashlight or wallpaper app has any of those, turn them off. That stuff is more dangerous than basic Location half the time.
-
Turn off “nearby devices” & “physical activity” where pointless
Same Special app access area has things like Nearby devices or sometimes “Physical activity.” If your to‑do list app wants “Nearby devices,” it’s a nope. Deny it. The app should still work fine. -
Use the quick privacy controls aggressively
Yozoara mentioned mic / camera toggles, but I’d say go a step further: leave mic and camera off by default and only flip them on when you actually need to make a call or use camera. Yeah it’s mildly annoying, but it’s also the closest thing to a hardware kill‑switch most people will ever get. -
Don’t trust “permission justification” popups blindly
Apps will often throw a scary popup like “We need full location for the app to function!”
Half the time: lie.
- Try tapping “Only while using the app” or deny and see if anything actually breaks.
- If they nag you every time, that’s a huge red flag about their priorities.
- Check for “sdk collector” style apps
If an app looks simple but asks for:
- Location
- Contacts
- Phone
- Storage
and it’s free, ad‑heavy, and from a no‑name dev, there’s a decent chance its real job is data harvesting. In those cases, honestly, I would just uninstall rather than fight with permissions. There are usually alternatives that only ask for 1 or 2 things.
- Last resort: separate profile
If you’re really paranoid about some apps but still “need” them:
Settings → System → Multiple users (or “Work profile” if your phone supports it via some app like Shelter).
Put more invasive apps in a separate user/profile, so they can’t see data from your main one. Bit advanced, but worth it if you’re running, say, a social app you really don’t trust.
You’re absolutely right to be suspicious. Apps will always ask for more than they actually need. Your job is to treat every permission like: “Do I really want this thing potentially active in the background?” If the answer is “ehh, not really,” flip it off and see what happens.
Skip uninstalling for a second. You can get pretty close to “paranoid but usable” with a few habits that sit on top of what @yozora and the follow‑up already covered.
1. Don’t rely only on Android’s permission screens
Those toggles are great, but they hide context. Two extra layers help a lot:
-
Notification hygiene
- If a random app is sending promo notifications, it’s usually also hungry for data.
- Long‑press a notification → turn off that category or all its notifications.
- Then go into Settings → Apps → that app → strip permissions that don’t match its new “silent” role.
-
Background activity control
- Settings → Apps → [app] → Battery.
- Restrict background activity for apps you only use on demand (scanners, shopping apps, etc.).
- This doesn’t directly edit permissions, but it limits how often they can use the granted ones.
This is where I slightly disagree with the pure “revoke first, fix later” approach: when you nuke everything at once, you might miss patterns. Watching who nags you, when, and how, is valuable intel.
2. Use permission modes smartly, not just on/off
A lot of people toggle between Allow and Deny only. Android offers more nuance:
-
“Only while using the app”
For location, microphone, and camera, prioritize this over full time access. Many apps work fine like this even if they swear they don’t. -
“Ask every time”
Great for apps you rarely use but want to keep installed. Yes, more taps, but it gives you a quick sanity check each time. -
Granular file access
- On newer Android: instead of giving “Files and media,” pick “Photos and videos” or “Music and audio” only.
- Some gallery or social apps ask for full storage. Give them the narrower option and see if they cope.
This slightly contradicts the suggestion to just leave mic/camera globally off all the time. For some people that works. For most, a mix of “Only while using” plus “Ask every time” is a more realistic long‑term fix.
3. Look for functional clues that permissions are abused
When deciding whether to keep an app installed at all:
-
Ask: “What core feature needs this?”
- Weather app: coarse location is reasonable. Contacts is not.
- Notes app: storage or photos sometimes; microphone only if you use dictation.
- Simple game: zero need for contacts, phone, or precise location.
-
Quick test process:
- Revoke the suspicious permission.
- Use the app normally for a day.
- If everything critical still works, you’ve just confirmed the permission was optional.
If the app becomes annoyware and keeps throwing “Enable X or we’ll cry” banners, treat that as a design choice, not a technical need. Personally, I’d uninstall at that point rather than wrestle with it forever.
4. Separate “trusted core” vs “throwaway” apps
Instead of going full separate profile like suggested (great but overkill for many), try this mental setup:
-
Core apps
Messaging, banking, password manager, maps, camera.- You allow only what they truly, obviously need.
- You keep them updated.
- You pay attention to permission changes after big updates.
-
Throwaway / nice‑to‑have apps
Flashlight, coupons, “photo enhancer,” meme makers, etc.- You give them almost nothing: no contacts, no phone, very limited storage.
- If they complain, delete and move on.
This mindset makes it easier to say “no” because you’re not treating every app as equally important.
5. Watch for permission creep after updates
A trick many people miss:
- After an update, some apps quietly request new permissions.
- In Play Store:
- Open the app page.
- Tap “About this app.”
- Scroll down to review the “Data safety” section and permission changes after a big version bump.
If something simple suddenly wants location or call logs after an update, that is your hint to clamp down or uninstall.
6. Network‑side privacy: when toggles are not enough
Permissions control what an app can read on your device. They do not control what it sends out once it has any access at all.
Consider:
-
Limit background data
- Settings → Apps → [app] → Mobile data & Wi‑Fi.
- Turn off “Background data” for sketchy or low‑trust apps.
- On Wi‑Fi, you can also enable metered network behavior to force more restraint.
-
Use a privacy‑focused DNS or firewall‑like app
Without naming specific tools, there are apps that:- Block known tracker domains.
- Show you which app is calling home.
- Let you cut off network access to certain apps while keeping them installed.
This is useful when an app “needs” a permission for a real feature but you don’t want it streaming every bit of metadata back to advertisers.
7. Practical “once a month” routine
To keep it manageable:
- Once a month, open Settings → Privacy → Permission manager and quickly scan:
- Location
- Microphone
- Camera
- Contacts
- Phone
- For each:
- Keep “Allowed all the time” to as close to zero as possible.
- Switch most to “Allow only while using” or “Ask every time.”
- Then open:
- Settings → Apps → Special app access
Check “Display over other apps,” “Install unknown apps,” and “Modify system settings,” but only for new installs since last check.
- Settings → Apps → Special app access
This workflow is lighter than full nuclear reset but still tight enough for strong privacy.
8. About “How To Change App Permissions Android” guides & tools
You’ll see a ton of “How To Change App Permissions Android” tutorials and apps in the Play Store that promise automatic privacy. Pros and cons in general:
Pros:
- Centralized dashboards that summarize which apps have dangerous permissions.
- Some can show histories or notify you when an app first requests something sensitive.
- Useful if you like visual overviews rather than digging through menus.
Cons:
- Many of these helper apps need broad access themselves to analyze other apps.
- Some are ad‑heavy and effectively become yet another data‑hungry app you have to police.
- Android already provides most of the core controls natively, so you might not need an extra layer.
If you use one of these, treat it by the same rules: minimum necessary permissions, no contacts/phone if it’s just an analyzer, and uninstall if it starts to feel invasive.
@yozora covered a lot of the structural stuff really well. Stacking these behavioral habits on top of their technical steps gives you a setup where:
- Apps get what they need at the moment you use the feature.
- Nothing sits quietly with powerful permissions “just in case.”
- You don’t have to delete everything, but you’re also not trusting anything by default.