Android Gemini Access to Third‑Party Apps: Privacy Risks in 2024

Starting Monday, Google began rolling out a platform update for Android 14 (API level 34) that expands the capabilities of its on‑device AI assistant, Gemini. The change introduces a new system API called "AppInteraction" that grants Gemini read‑level access to the UI context and data of any third‑party application unless the user explicitly disables a toggle in Settings → Apps → Gemini → Allow access to third‑party apps. By default, the permission is enabled, meaning Gemini can retrieve information such as displayed text, input fields, and runtime UI state from apps ranging from messaging clients to banking suites.

The technical foundation of the feature relies on a new runtime permission, `android.permission.ACCESS_THIRD_PARTY_APP_DATA`, and a set of AIDL interfaces that expose an "Intent‑based data bridge" between Gemini and other packages. This bridge is similar in concept to Apple’s "App Intents" framework but provides broader access to the current UI hierarchy, enabling Gemini to answer context‑aware queries in real time. The update also adds a companion permission `android.permission.USE_GEMINI_APP_INTERACTION` that developers must declare in their app manifests to opt‑out of the data sharing model.

Security researchers have flagged the expansion as a significant privacy and attack‑surface concern. Trend Micro demonstrated a proof‑of‑concept malicious app that, when granted the new permission, could exfiltrate message content from a popular messaging client by issuing a series of Gemini‑mediated UI reads to a remote server. Google Play Protect has been updated to flag apps that request `ACCESS_THIRD_PARTY_APP_DATA` without a legitimate use case, but the default‑allow behavior means that users who do not manually disable the toggle remain exposed to potential data‑leakage scenarios.

Users are advised to navigate to Settings → Apps → Gemini and turn off "Allow access to third‑party apps" to revoke the broadened permissions. Enterprise administrators can enforce this configuration across managed devices using Mobile Device Management policies that set `PolicyManager.POLICY_GEMINI_THIRD_PARTY_ACCESS` to disabled. Google has stated that future Android releases will introduce granular per‑app controls and additional audit logging for the AppInteraction API, but in the interim, the change underscores the trade‑off between AI convenience and privacy exposure on the Android platform.