PNP’s ‘Know Your Rights’ app updated to remove permissions

Victor Barreiro Jr.
PNP’s ‘Know Your Rights’ app updated to remove permissions
The app, while littered with extraneous code, is safe to download and use in its current incarnation

MANILA, Philippines – The developer of the “Know Your Rights” app of the Philippine National Police (PNP) pushed an update on Wednesday, December 6, which removed the permissions previously requested by the application to function.

The Know Your Rights app was released on December 4 to help policemen and the public learn more about human rights-related information.

Prior to the December 6 update, privacy issues were raised regarding the application by concerned citizens and tech journalist Art Samaniego Jr. 

The app previously requested access to one’s text messages, phone and phone call logs, and photos and other media files in order to work. There was also the issue of a malicious sounding codeword – “backdoor” – being part of the code.

Permissions previously used for app to work

In an email to Rappler before the update was released, the developer, Chief Inspector Juanito Gaces Jr, justified the inclusion of the permissions. He said they were needed for the app to function or were prepared as part of a future PNP program implementation. 

Gaces explained that access to text messages and text logs were to allow for feedback to be sent via text message. Calling functions were asked for due to a future implementation, which would allow the user of the app to call the PNP Human Rights Affairs Office hotline. 

Access to media files, meanwhile ,was requested in order to allow the app to play back translations of the Miranda rights warnings in a number of Philippine and foreign languages. 

THE 'BACKDOOR' REMAINS. Examining the code reveals the 'backdoor' code string still remains within the application.

Examining the application 

Rappler examined the December 6 version of the application and found that while some changes have been made to permissions, some of the extraneous code – notably the “backdoor” codeword mention – remain inside the application.

Gaces told us in the email that the “backdoor” code “pertains to activating the app before you can use it…like providing a license key. The activation module is not being implemented in this app.”

Upon examination the “backdoor” code really does nothing, and is unconnected to any function within the application. 

The app’s permissions also appear to have been taken off the code, but certain code that required those permissions – such as using text messages to send feedback – remain within the file.

Meanwhile, the audio files for the reading of the Miranda rights in different languages – a number of Filipino languages and in English, Taiwanese, Chinese, Korean, and Japanese – are now located within the application.

The app, while littered with extraneous code, appears safe to download and use in its current incarnation. – Rappler.com

Add a comment

Sort by

There are no comments yet. Add your comment to start the conversation.

Victor Barreiro Jr.

Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.