The Personal Analytics Companion
Mobile, Behavioral Research Platform
Check out http://www.pacoapp.com/ to manage your experiments.
-=-=-=-=-=- Paco's use of Permissions-=-=-=-=-=-
Paco is a bit unique in that installed it needs almost no permissions. It is a platform for experiments created by others.
The rest of the permissions are used by individual experiments that one might join. Before a user can join an experiment, they are shown an Informed Consent screen. It reminds the user to pay attention to the policy presented by the experiment creator and it lists the types of data that the experiment collects. A user can decide not to join by backing out of the Informed Consent screen and can only join if they actively consent. My hope is to get people to pay more attention to what they sign up for online or in applications. Also, a user can stop an experiment at any time from the Running Experiments screen.
Please read on to see an explanation of the specific permissions that Paco requires.
Device & app history: An experiment may request access to log app usage and browsing history in order to develop interventions or user studies around those behaviors. This will be listed specifically as a type of data collected on the Informed Consent screen when a user starts to join an experiment.
Identity (find accounts on the device, add or remove accounts): Paco uses this for authenticating a user through Google's authentication service - thus the need for a Google account to use Paco.
Location: Similar to a question that an experiment may present to a user, one of the items it may present is a request to collect the location at that moment as well.
It is one type of question essentially.
The user can also turn off their location service if they do not want to reveal their location yet respond to the other items. This is listed as "experiment data responses" in the Informed Consent screen.
Location is not listed separately because it can only be gathered when a user explicitly responds to an experiment.
There is no background location collection.
Photos/Media/Files (modify or delete the contents of your USB storage, test access to protected storage):
An experiment may have a photo input item that prompts the user to take a picture. It stores the picture on external storage.
Take pictures and videos: An experiment may prompt the user to take a picture.
Read phone status and identity: An experiment can be triggered by a system event such as hanging up a phone. If that event occurs the participant will be notified to respond to that experiment.
Neither the experiment or Paco accesses any other aspect of phone status other than that a phone call has been started or ended.
Use accounts on the device: Paco uses this to authenticate the user. It does not access it until the user tries to Find Experiments to Join at which point it needs to authenticate.
View network connections: Paco only uploads experimental data when there is a network connection. It will store data locally until it is told there is a network connection at which point it will try to sync
to the server.
Full network access: Paco has to download experiment definitions, update those definitions, authenticate the user, and upload experiment data. It only does this over https, but, it requires the network permission to upload.
Control vibration: Paco is set to vibrate as part of the notification to the user to respond.
Prevent device from sleeping: When Paco wakes up to create a notification to remind the user to respond, or do other background work, it needs to make sure it can finish that work. Usually this is on the order of milliseconds and then it goes back to sleep.
Run at startup: Paco needs to reset all notifications for users to respond after the phone is rebooted. Android deletes tray notifications when the phone is shutdown.
Small bug fixes