Does AI Make Better Choices Than You? The Risk of Mobile Permissions
Zoilijee Quero 12/08/2025 AI, Cibersecurity, Data Security
3 Minutos

Granting app permissions seems like a simple decision—just a tap, a “Allow” or “Deny,” and done. But we know that many times, you do it in a rush, without reading, or because the prompt interrupts you right when you need to open something quickly. That seemingly insignificant moment can determine how much access an app has to your personal data.

More and more apps request more permissions every day, and users like you are overwhelmed. That’s why a group of researchers set out to answer an interesting question:

Can AI help you make better privacy decisions?

Or worse—can it make choices that put your data at risk?

At TecnetOne, we reviewed the findings to explain, in plain terms, what this means for your privacy.

 

How the Study Was Done: 300 People vs. AI Models

 

The researchers ran an online experiment with over 300 participants who reviewed more than 14,000 permission requests from mobile apps, based on the Android permission system.

Here’s how it worked:

 

  1. Participants wrote a personal statement about how they handle their data.
    Examples: “I’m very careful about privacy” or “I don’t mind sharing data if the app needs it.”

  1. They then reviewed permission requests with and without context.
    For example:

    a. “Access your location.”

    b. “Access your location to show nearby restaurants.”

  2. Researchers had several AI models—generic and personalized—make decisions on the same requests.

  3. Finally, participants reviewed the AI’s decisions and said whether they agreed with them or not.

 

This comparison revealed how well the models aligned with human judgment and whether AI explanations influenced user decisions.

 

What AI Did Well: Caution and Consistency

 

The initial results were surprisingly good:

 

  1. Generic AI models matched human choices 70–86% of the time.
    Depending on the task and the model, AI aligned with the majority decision, showing reasonable behavior based on what “most people would do.”

  2. AI was more cautious than most users.
    When it came to sensitive permissions—like precise location, microphone, camera, or contact access—AI models were more likely to deny access than humans.
    That extra caution may seem excessive, but in privacy, it’s often better to be overly careful than too lax.

  3. AI explanations convinced users to reconsider.
    This is key. When a user initially disagreed with the AI’s choice, nearly half changed their mind after reading the explanation.
    This suggests that:

 

  1. People often make fast, impulsive decisions.

  2. Clear explanations can improve judgment.

  3. AI might help users rethink permissions they would otherwise allow without a second thought.

 

At TecnetOne, we see this as a potential tool to educate users about privacy, as long as it’s implemented responsibly.

 

Read more: The Evolution of Artificial Intelligence Driven Malware

 

Where AI Fails: Personalization Isn’t Always an Upgrade

 

The study also tested “personalized” models—those that were fed the user's data-handling statements to tailor decisions.

That’s where things got messy.

 

People Aren’t Consistent With Their Own Privacy Claims

 

Many participants made statements that didn’t match their real behavior:

 

  1. Some said they were strict with privacy but allowed nearly every request.

  2. Others claimed they didn’t mind sharing but ended up rejecting many permissions.

 

When the AI used those vague or contradictory statements to personalize its choices, its accuracy got worse.

 

Personalization Can Make AI Too Permissive

 

This is a serious risk.

A generic model that would normally reject a dangerous request could end up allowing it, just because the user said they’re “not too concerned about data.”

This leads to a classic problem:

“I said I don’t mind sharing data—doesn’t mean I want to accept everything blindly.”

In short, context matters, and personalizing AI without understanding real risk tolerance can weaken security.

 

Explanations Can Manipulate Users

 

One of the most unsettling findings:

When the AI gave wrong or unsafe explanations, many users still changed their minds to agree with it.

This reveals a psychological risk: AI’s perceived authority can sway users, even into making unsafe decisions.

 

You might also be interested in: Pentesting with AI: The New Generation of Penetration Testing

 

Study Limitations: What We Still Don’t Know

 

To be fair, this was a controlled experiment—not real-world usage.

 

  1. Participants were in “study mode”
    They may have paid more attention than they normally would when installing an app in everyday life.

  2. No real consequences
    In the real world, granting the wrong permission could expose your photos, contacts, or location. In the study, nothing was actually at risk.

  3. No malicious prompts were tested
    The study didn’t examine:

 

  1. Prompt manipulation

  2. Attempts to force unsafe decisions

  3. Adversarial examples designed to confuse AI

 

Any real-world AI permission system must defend against those.

 

  1. LLMs still have inherent risks
    AI models can:

 

  1. Give different answers each time

  2. Increase compute cost

  3. Add delays

  4. Consume resources

  5. Make subtle logic errors

 

Any LLM-based system must balance speed, cost, and safety.

 

What Does This Mean for You? Key Takeaways

 

After analyzing the study, we at TecnetOne see a nuanced picture:

 

  1. AI can help you make better privacy decisions
    Especially when you’re tired, distracted, or notification-fatigued.

  2. But AI isn’t foolproof
    One mistake on a sensitive permission can have serious consequences.

  3. Unsupervised personalization can backfire
    The AI might become too permissive if it misreads your risk tolerance.

  4. You need reliable explanations
    Not every AI model is suitable for educating users.

  5. The future of permissions may include AI
    But only with strong safeguards, such as:

 

  1. Strict rules on sensitive permissions

  2. Periodic human review

  3. Decision traceability

  4. Prompt manipulation controls

  5. Independent audits

 

Conclusion: AI Can Be Your Ally—But It’s Not Your Best Guardian Yet

 

This study raises an important question:

Will we let AI decide our privacy settings?

The honest answer is: not yet.

But we’re heading toward a future where it could guide you, correct you, and protect you from impulsive taps that expose your data.

At TecnetOne, we believe the best balance is this: AI gives you guidance. You make the final decision.

And both need transparent, secure, and well-designed tools to protect you.

 

Contact us

Tag:

AI Cibersecurity Data Security

National Cybersecurity Plan 2025–2030: Ambition Without Direction

Artículo Anterior
  • There are no suggestions because the search field is empty.

Categories

Most read articles

Adrian León 05/30/2025 Cybersecurity, cyberattack
Top 10 Dark Web Markets
Alexander Chapellin 04/30/2025 Cybersecurity, cyberattack
Top 10 Telegram Groups and Channels on the Dark Web
Alexander Chapellin 04/30/2025 Cybersecurity, cyberattack
Top 10 Browsers for Accessing the Dark Web with Anonymity
Jonathan Montoya 05/22/2025 Cybersecurity, cyberattack
Top 10 Deep Web and Dark Web Forums

Artículos Relacionados

Cybersecurity, Data Security
Gustavo Sánchez 12/05/2025

The Quantum Era and Airlines

When an airline as large as Iberia admits to a data breach, the immediate reaction is usually: what

Leer más
Cybersecurity, Data Security
Muriel de Juan Lara 12/04/2025

Coupang Suffers Major Breach: 34 Million Customers Exposed

Imagine that the largest e-commerce platform in your country—the “Amazon of South Korea”—discovers

Leer más
Cybersecurity, Data Security
Adriana Aguilar 11/28/2025

Gainsight Expands Impact After Salesforce Security Alert

Cloud security is once again being put to the test. This time, the impact is hitting companies that

Leer más