Smartphone users who download apps may be agreeing to let developers spy on their private lives and push up their phone bills, the consumer watchdog has warned.
Users are often asked to give permission to use phone functions and collect personal data when they download apps onto their phones. If they do not allow the requests, the app cannot be used.
The Consumer Council found that 13 instant messaging apps for Android phones together made 61 such requests, or more than four per app.
Some permissions are required for the apps to operate. Others may incur unwanted charges and intrude on the privacy of the user.
For instance, 12 of the apps sought permission to access the phone's camera and microphone, which could activate the filming or recording functions without users knowing, the council warned yesterday.
"Sensitive audiovisual material may be recorded without your knowledge," it said.
There are other permissions that put users at risk of being spied on.
Nine apps wanted to know the locations of the users, the council found. Some demand "full network access", which allows the app to read photos and videos stored in the phone via the internet, and to read the contacts listed in the phone directory.
In seven of the apps, the developers wanted to be able to call the stored phone numbers - presumably again without the users' knowledge. That may lead to hefty charges if the users set their phones to roam while travelling overseas.
Eight apps requested permission to send text messages. In some cases, the users' contacts received invitations to download the app, resulting in charges from telecommunications operators, the council found.
Users are sometimes asked to give blanket permission to a few requests at one go. They should view the detailed list of permissions, the council said.
Smartphone users can also turn off their Wi-fi and data connections to prevent the apps from triggering phone functions automatically.