Hi,

I had thought to install the android version of myFitnessPal however I'm a bit iffy about the permissions that the app seems to require. I was wondering if anyone can advise on why the app needs these permissions ? They seem quite invasive (if thats the right word) Thanks.

App permissions reproduced from the google play site :

This application has access to the following:

Hardware controls

Take pictures and videos
Allows the app to take pictures and videos with the camera. This allows the app, at any time, to collect images that the camera is seeing.

Network communication
full Internet access
Allows the app to create network sockets.

Your personal information
read contact data
Allows the app to read all of the contact (address) data stored on your tablet. Malicious apps may use this to send your data to other people. Allows the app to read all of the contact (address) data stored on your phone. Malicious apps may use this to send your data to other people.

Phone calls
read phone status and identity
Allows the app to access the phone features of the device. An app with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to, etc.

System tools
change Wi-Fi status
Allows the app to connect to and disconnect from Wi-Fi access points and to make changes to configured Wi-Fi networks.
change network connectivity
Allows the app to change the state of network connectivity.
prevent tablet from sleeping prevent phone from sleeping
Allows the app to prevent the tablet from going to sleep. Allows the app to prevent the phone from going to sleep.


Sorry for length of post . Thanks again.

Take pictures - this is so you can scan bar codes on products to get the nutrition info - super fabulous feature

Internet Access - to access the food database

Everything else - just the same things pretty much every other app says and never actually does anything with

I LOVE the app! The bar code scanner is so full of fabulousness, makes me wish all food had bar codes. Being able to log whenever and where ever I am is a lifesaver - because I totally would forget so many things before I get back to a computer.

Hello,

Thank you for taking the time to contact us. I apologize for any confusion or concern our "permissions" may have caused. I can assure you we are very concerned and protective of your personal information.

The way that permissions are requested on iOS is different than on Android, so in many cases we do not need to request the same broad permissions on iOS that we do on Android to achieve the same goals. The functionality of our iPhone app is very similar to that of our Android application so any permissions we do request are typically used in almost an identical way in both applications.

CAMERA

MyFitnessPal has only one feature which requires the "CAMERA" permission, our barcode scanner. This feature allows our members to use their device's camera to scan the UPC codes or barcodes of packaged foods and quickly add them to their daily food journals. The user must press a button to initiate the scan and this is the only time where we will access the device's camera from within the application. In this case, we would prefer to only request this permission when a user attempts to use this feature, but that's not possible on Android at this time.

PHONE STATE AND ID

Our application does not need to know what number the user may be calling or the phone number of the user's phone. These capabilities are included as part of a broader permission called "READ_PHONE_STATE" that we request from our members. We require this permission to allow us to access the device's unique id. We use this device id for a variety of different purposes including application analytics and troubleshooting as well as for advertising optimization. We do not at any time attempt to look at the number a user is calling or the phone number of the user's phone. Unfortunately, we can't ask for only part of the Phone permission "package" because of the way Android is designed.

ADDRESS BOOK

We request access to the contact database on the phone to allow our members to use their contact data to invite a friend to use the service via email. The contact data is only accessed if the user explicitly requests to use this feature in the app. If the user chooses not to invite a friend using their contact data the data will not be otherwise accessed or stored in the app or on our servers.

Hopefully, those answers help to clarify why we request certain permissions and how we utilize any data accessed via those permissions. We are extremely conservative with our use of private user data, as laid out explicitly in our Privacy Policy here: privacy_policy">http://www.myfitnesspal.com/welcome/privacy_policy

I hope these answers will assuage any concern regarding the permissions our app requests. Please let me know if you have any additional comments or concerns, I would be happy to help.

Cheers,
Scott
MyFitnessPal Staff

Any possibility you could create another version without the extended permissions? I think there are quite a few security- and privacy- conscious individuals who would be willing to accept the reduced functionality in exchange for knowing their information is secure.

Hello,

This is not an issue of MyFitnessPal wanting access to these permissions, it is more that to develop an Android application there is not fine detail permissions that we can request to do the core functions the application accomplishes. So for this reason we have to request these broad sweeping permissions to make the application functional, to request less permissions and provide another application that accomplishes less would create even more fragmentation on a platform that has to be tested on dozens and dozens of devices. The best workaround that can be offered is for you to use the web browser to access MyFitnessPal if you are concerned with the security of your device and are willing to sacrifice certain features.

Regards,

Tom
MyFitnessPal Staff