Adamya Sharma / Android Authority
TL;DR
- Google is developing a new Contacts Picker tool for Android 17 to fix the current all-or-nothing contacts permission.
- This tool will allow you to share specific contacts with an app, rather than your entire contacts list.
- Access will be a one-time snapshot, and apps can request only the specific data fields they need.
Your device’s contacts list holds a treasure trove of sensitive data that many apps want to get their hands on. Fortunately, Android’s permissions system prevents apps from accessing your contacts without your knowledge. Unfortunately, it’s an all-or-nothing system: You either grant an app access to all your contacts or none of them. This is highly problematic because it forces you to grant many apps full access to your contacts even if they don’t need it. Next year’s Android 17 update could tackle this problem by introducing a system Contacts Picker tool that allows you to select specific contacts to share with an app, rather than giving it access to your entire contacts list.
How Android apps currently read your device’s contacts
Every Android phone has a centralized, local database of contacts. The operating system guards access to this database to prevent apps from reading it directly. Instead, apps must interact with the Contacts Provider, a system component that provides APIs for retrieving or modifying information in the contacts database. To use these APIs, applications must hold the READ_CONTACTS permission to read data and the WRITE_CONTACTS permission to write it.
The problem with this approach, as I mentioned, is that it’s all-or-nothing. An app either gets full read or write access to your entire contacts list, or it gets no access at all. While messaging and social media apps might have a legitimate need to see all your contacts, many other apps only need to access one, two, or just a handful. However, because of how Android currently manages contacts access, these apps have no choice but to request broad permissions.
Mishaal Rahman / Android Authority
While the permission model is the most common method, there is technically another way for an app to access contacts. Instead of interfacing with the Contacts Provider directly, an app can use an intermediary — the system’s default contacts app — to read information about a contact. Since the contacts app already has full access to the contacts database, it can safely retrieve this information on behalf of other apps without requiring a new permission prompt.
However, this approach is riddled with flaws. First, there isn’t a single, unified contacts app across all Android devices. Although Google provides a reference app in the Android Open Source Project (AOSP), most manufacturers either create their own (like Samsung) or use Google’s Contacts app. This fragmentation means the contact-picking experience can be inconsistent, creating complications for developers.
Second, this method only allows an app to pick a single contact at a time. If an app needs more than one, it has to repeatedly ask the user, which is a frustrating experience. Third, there’s no way for you to limit what information about a contact gets shared. Finally, the underlying API has issues, with many developers finding they need to request the broad READ_CONTACTS permission anyway to avoid problems.
Mishaal Rahman / Android Authority
These shortcomings are likely why Google is developing a new system Contacts Picker tool for Android 17. This move would follow a similar change Apple introduced to iOS last year.
Don’t want to miss the best from Android Authority?
How Google will improve privacy with Android 17’s Contacts Picker
Google is developing a new, dedicated “Contacts Picker” application, as I discovered in the latest Android Canary release. This app provides a new, privacy-preserving way for other apps to select contacts, similar to how Android’s Photo Picker works for media selection. Under the hood, the new Contacts Picker is registered to handle the standard system request for selecting contacts (ACTION_PICK with the vnd.android.cursor.dir/contact, phone_v2, email_v2 MIME types), but it’s configured with a higher priority (101) to ensure it takes precedence over the device’s default contacts app.
Mishaal Rahman / Android Authority
Strings within the Contacts Picker app reveal that you’ll be able to select one or more contacts to share with an app at a time. The app will then get access to all the available information for the contacts you select, such as their address, birthday, email, and name. Crucially, this access appears to be a one-time snapshot. The app will not receive any subsequent updates you make to a contact’s information, further protecting your privacy by preventing apps from tracking changes over time.
Code
Copy Text%1$s will only have access to info from the contacts you select
When you select a contact, %1$s will have access to the following info from your device contacts.\n\nIf you make any updates to the contact info, %1$s won’t have access to the changes.
Contact info can include details such as:
New code within the OS reveals additional information about how the system Contacts Picker will work. The ContactsPickerSessionContract class shows that Android 17 is adding a new, dedicated Intent action called ACTION_PICK_CONTACTS. This will give apps the ability to directly invoke the new Contacts Picker.
More importantly, this new action includes Intent extras that will allow apps to be much more specific
Mishaal Rahman / Android Authority
about what they need. For example, they can:
- Limit how many contacts the user can select at once using EXTRA_PICK_CONTACTS_SELECTION_LIMIT.
- Specify what specific data fields they need (e.g., only phone numbers) using EXTRA_PICK_CONTACTS_REQUESTED_DATA_FIELDS.
This gives developers a granular way to request access to only the necessary data from one or more contacts, a significant improvement for user privacy.
The new Contacts Picker is clearly a work in progress. In its current state, it doesn’t yet handle the new ACTION_PICK_CONTACTS Intent. We also know it’s not yet active, as the feature is hidden behind a disabled flag in the latest Canary release.
Google is likely targeting Android 17 for this feature’s debut, since it introduces a new API and changes a common intent that many apps use. This is supported by code within the Contacts Picker app that checks the SDK version of the calling app. For apps built for Android 17 and later, the new Contacts Picker will handle the request; for older apps, the request will be forwarded to the device’s default contacts app to maintain compatibility.
However, this new approach has one major hurdle: it’s optional. Nothing will stop developers from continuing to request broad access to your contacts anyway. For this feature to make a real difference, apps must be updated to use the new Contacts Picker. While some privacy-conscious developers will adopt it quickly, many will not.
To drive widespread adoption, Google will likely need to follow the same playbook it used for the Photo Picker. This would involve backporting the feature to older Android versions, providing support through its AndroidX library, and eventually enforcing its use through Google Play policies. If Google takes these steps, the Contacts Picker could become a significant privacy win for all Android users.
Thank you for being part of our community. Read our Comment Policy before posting.