privacy_comicSteve Jobs was right to be worried about Android. It has conquered more market share than iOS. And so far the Samsung Galaxy S3 has been a hotter sell than the iPhone 5. Android is continuing to make strides, and developers I’ve talked to are more and more bullish about the platform. But as Android continues to affirm itself in the developer community, it’s still sorely lacking in one area: permissions, which let users know when and how their information from places like Facebook is being used by developers.

That’s an area where iOS has an edge, and Android needs to step up, says Olivier Amar, the chief executive of MyPermissions, a personal cloud security service. “Apple does a great job. Android doesn’t do a very good job at controlling permission. It’s more complicated,” says Amar. The company has a service that lets users quickly see which apps they’ve granted access to their online information, via a dashboard. There a user can do things like revoke access or report a service, if they so choose.

Next week, MyPermissions will launch an Android app. The company already has an iOS app. For now, the Android app will work in much the same way as the Apple one, but in time Amar hopes to tailor the Android offering more to that community’s needs.

With something as seemingly boilerplate as permissions, it seems sufficient for the company’s services to live on the Web, but Amar insists it’s important to be able to control these things on the fly. He recalled talking to one of his investors, and one of Amar’s business partners asked him, “Hey, are you on a diet?” Baffled, the investor the investor saw that Tweets about a dietary supplement had been sent out on his account. And three other Tweets came after that. As he was tied up in a meeting, he couldn’t fix the problem until hours later.

While Amar says that some services have gotten complacent, he also says developers are not to blame, since they are only using resources that are available to them. But there are a few best practices that developers can remember. “Only ask users for what you need. And don’t ask for everything up front,” he says, because users forget what they are agreeing to. “Ask when you need it.”

The service has genuine utility, especially for a privacy nut like me. When signing up for a new app, and there is a choice to either sign up through Facebook or create a new account from scratch, I am more likely to do the latter. Call me paranoid, but I just tend to be skeptical over privacy issues. As a tech reporter covering companies with new apps, many times there is no way around a Facebook sign-in, so I reluctantly agree.

But Amar says, rightly, that the onus is ultimately on users like me: “At the end of the day, the user has to read up on what they are getting into,” he says.

[Image courtesy Gwydion M. Williams]