GoKawiilApps often request more permissions than they need, and this represents a privacy risk for some of your most sensitive data. Android currently blocks apps from seeing certain types of sensitive information, like your contacts or camera roll. However, the permissions manager for each data set is different, and granting an app access to your contacts surrenders all of them. That’s changing in Android 17 , as Google is introducing a Contact Picker that adds support for granular data requests and approval.
In a post on the Android Developers Blog , Google revealed how the Contact Picker will work to safeguard the contents of your contacts. We first spotted this upcoming feature last November, and it’s now official. Soon, selecting contacts will work just like selecting photos using Android’s Photo Picker . Instead of using the all-encompassing READ_CONTACTS permission, Android 17 will use the Intent.ACTION_PICK_CONTACTS intent.
The Android Contact Picker API crucially adds support for granular data requests. Apps will still be able to ask for permission to access your contacts, but in Android 17, they can only see the specific contacts you select. Additionally, these apps can ask for the specific data fields required. So, if an app wants access to phone numbers stored in your contacts, it can ask for that individual data field instead of intaking the entire contact record. It can do this using the following example data types:
ContactsContract.CommonDataKinds.Phone.CONTENT_ITEM_TYPE
ContactsContract.CommonDataKinds.Email.CONTENT_ITEM_TYPE
ContactsContract.CommonDataKinds.StructuredPostal.CONTENT_ITEM_TYPE
Android 17 will support selecting one or multiple contacts at once using the new Contact Picker, which should make bulk permissions requests simple. On the developer side, apps can restrict how many contacts users can select at once. Using this API, read access for contact records is temporary.