a place to identify what permissions a tracker requests

[jawz101]

We currently analyze an app to show what manifest permissions the app has but trackers document what manifest permissions they require or can use.

This would require digging through the documentation on the SDK pages but I think it's important and useful to see what manifest permissions might be solely required by a tracker.

"I have a game that requests location permission but there's no reason its gameplay needs location permission."

I think it's important to highlight this to app developers so they know the consequences of some trackers overstretching and tarnishing an app's reputation for excessive permissions. When developers are struggling to get an app out of 1-star territory because they've tried to monetize with crappy ad networks, perhaps it is a matter of highlighting what crappiness can come with some trackers.

It might also be nice to have a GDPR flag if a network says they respect GDPR and if they respect the android advertising ID.

http://users.eecs.northwestern.edu/~hxb0652/HaitaoXu_files/INFOCOM2018_2.pdf

https://hackernoon.com/app-monetization-data-vs-ads-b9d449584618?gi=86261475b444

https://forum.xda-developers.com/showthread.php?t=2366205

https://forum.unity.com/threads/unity-5-1-adds-android-permission-read_phone_state-automatically-how-to-remove-it.333431/page-3

https://android.stackexchange.com/questions/50091/heyzap-interstitial-ads-in-every-app

I also have a theory that more ad networks are going to hover around certain types of apps that have a main function to, say, record audio/video or a weather or fitness app that naturally needs location permission. It's a way to piggyback off of an expected permission.