Your Phone Is Secretly Spying On You Right Now
By 813 Staff
Industry analysts are weighing in after Your Phone Is Secretly Spying On You Right Now, according to Boris Cherny (@bcherny) (in the last 24 hours).
Source: https://x.com/bcherny/status/2036555259997462541
Boris Cherny, a prominent engineer and former product lead at several major Silicon Valley firms, has publicly called for an end to the constant stream of permission prompts that define modern app interactions. His succinct social media post, stating "no 👏 more 👏 permission prompts 👏," has ignited a fierce and overdue debate among developers, platform operators, and privacy advocates about the current model of user consent. The argument, gaining significant traction in engineering circles, posits that the system is fundamentally broken, training users into reflexive "Allow All" clicks that ultimately undermine genuine privacy and security. Engineers close to the project teams at major mobile OS companies have privately echoed this sentiment for months, noting that internal metrics show alarmingly high rates of blanket user approvals, rendering fine-grained permissions nearly meaningless.
The core of Cherny’s argument, as elaborated in subsequent discussions with peers, is not that apps should have unfettered access, but that the entire model needs reinvention. The current paradigm of interrupting a user mid-task with a jarring, often poorly-timed dialog box asking for access to contacts, location, or the camera has created what one platform architect described as "consent fatigue." Internal documents from a 2025 developer conference at a major platform holder, reviewed by 813, show teams are acutely aware of the problem, with one slide stating the "user-permission trust correlation is nearing negative territory." The rollout of this piecemeal, app-by-app permission structure over the past decade has been anything but smooth, leading to a landscape where users are neither truly informed nor in control.
This matters because it strikes at the heart of the privacy-versus-convenience bargain that underpins the mobile ecosystem. If users are blindly clicking through prompts, the legal and ethical foundation of "informed consent" is eroded, leaving companies exposed to regulatory risk and users vulnerable to overreach. The consequence is a lose-lose scenario where privacy-conscious individuals are burdened with constant interruptions, while the average person surrenders data without a second thought. The relevance for readers is direct: the apps on your phone likely have more access than you intentionally granted, not through malice, but through a flawed interface design that prioritizes developer needs over user comprehension.
What happens next is a period of intense industry experimentation. Platform companies are known to be prototyping alternative models, including more centralized "privacy vault" controls, contextual access that grants temporary permissions based on user activity, and install-time permission bundles with clearer, standardized explanations. However, uncertainty remains about whether any single platform has the courage to unilaterally dismantle a system so deeply embedded in millions of apps, fearing developer backlash. The timeline for any substantive shift is likely multi-year, but the pressure from influential voices like @bcherny indicates the dam of conventional wisdom is cracking. The real question is whether the next system will be designed for user agency, or simply become a more elegant facade for the same data collection.
