Actual Meaning of Google Drive App Permissions?
I'm trying to understand what the permissions granted to a Google Drive connected app actually mean. The example I'm looking at is MindMup 2 For Google Drive, but it could be almost any as the permissions requested seem typical.
Google Account permissions requested include:
- See, edit, create, and delete only the specific Google Drive files you use with this app.
- See and download all your Google Drive files
- Connect itself to your Google Drive
- Manage your photos and videos
- See your primary Google Account email address
- See your personal info, including any personal info you've made publicly available.
Permission 1 seems OK, the App obviously needs access to its own files.
Permission 2 seems absurd, see and download all Drive files! So my first question is, does that literally mean what it sounds like? That is, the company behind this app is asking for unfettered access to all my Google Drive documents so it can download all my Drive files, even the ones that have nothing to do with the app?
But I'm confused about the apparent contradictory permissions between (1) and (2), or (1) and (4) for that matter. They can't both be valid, (can they?) so which permission is prime?
Does anyone know if this is what an app vendor has to ask for, in order to get their app operational? Or are they claiming permissions wildly in excess of what they need, to trawl through my data?
And if the answer to the last question is that they are claiming wildly excessive permissions, why does Google allow this?
