Why we built a Permission dashboard for 12 apps

The clipboard moment that changed our roadmap

That user's question haunted me. She wasn't careless or paranoid. She'd simply never been shown what Instagram could do. iOS Settings exists, sure, but most people never open it. And even if they do, the permission interface is fragmented across a dozen different pages. You have to hunt for each app, then hunt through each permission category.

We realised our job wasn't to replace iOS Settings. It was to make the invisible visible. To walk someone through the apps they actually use and say, plainly: this app asks for access to your location, your photos, your contacts, and yes, your clipboard. Here's a privacy risk score. Here's what it means.

The question then became: which apps? We could have tried to scan every app on someone's phone, but iOS sandboxing prevents that. Third-party apps can't audit other apps' real permissions. We had to be honest about that limitation from day one. So instead, we chose 12 apps that span the way most people actually use their phones: social media, messaging, maps, email, health, finance, shopping.

Twelve felt like the right number

I spent a week looking at app store download stats, user install patterns, privacy research papers. Twelve kept emerging as a sweet spot. It's enough to show real permission patterns. It's not so many that someone scrolls past the actual point. And it's enough apps that almost everyone recognises at least half of them.

More importantly, twelve let us do something we cared about deeply: make each one real. We didn't want a generic template. We wanted to show exactly what Facebook's permission requests look like, what Instagram actually asks for, what WhatsApp accesses. That specificity matters. When someone sees that Maps requests access to their photos, and then they realise their Maps app has all their travel history, something clicks. It's not theoretical privacy risk anymore. It's their phone.

The Free dashboard includes those twelve apps, a privacy risk score for each one, and a direct link into iOS Settings to revoke permissions right then. We didn't gate that. That felt important.

What we chose to show, and why

The apps aren't random. Instagram, Facebook, WhatsApp cover social networks and messaging. Google Maps, Apple Maps handle location. Gmail, Outlook handle email. Spotify covers music. Amazon handles shopping. Health and banking apps round it out.

Each one has different permission patterns. Some ask for a lot and genuinely need it. Others ask for things that feel excessive. A weather app that wants your clipboard access, for instance. By showing twelve together, someone can compare. They see that Apple Maps and Google Maps have similar permission requests, then make an informed choice about which one to use.

We also scored them differently. A news app might ask for location to personalise content, but if you're just reading headlines, that's a different risk profile than a dating app asking for location. The score reflects that context.

Why we didn't try to scan everything

Early on, someone asked: why can't you just audit every app on someone's phone? It's a fair question. The answer is iOS itself. Apple's sandbox is brilliant for privacy, but it means third-party apps can't query what other apps have installed or what permissions they've requested. We could have built complex workarounds, but they wouldn't have given us the real data anyway.

We chose honesty over feature bloat. Guard shows you twelve curated apps and tells you exactly what it can and can't see. That felt more useful than a false promise to scan your entire phone.

What we added instead was depth. Personal Pro includes real-time alerts whenever an app's permission status changes, a clipboard safety check that shows if an app has accessed your clipboard, detailed tracking information per app, a data exposure profile, and a permission breakdown chart. The idea is that once you understand the problem with these twelve apps, you can dig deeper into the ones that matter to you.

The people who needed this

We built Guard for people like that email user: someone who cares about their privacy but doesn't have hours to spend in iOS Settings. That's usually someone 25 to 45, probably a parent, probably someone who handles sensitive work information on their phone. Not paranoid. Just aware.

Parents monitoring children's devices have their own needs. That's why Family tier exists: six devices in one hub, child controls built in. You can see permission changes across your kids' phones without hovering over them constantly.

The Free tier exists because the permission problem affects everyone. You don't need to pay to understand what your apps can access.

Twelve as a starting point

We've had requests to add more apps to the dashboard. We'll probably expand it. But twelve taught us something: constraint forces clarity. If we had fifty apps, people would skim. With twelve, they read.

And here's what's stayed true since that first email: the goal isn't to scare people away from apps. It's to help them make real choices. Some people see that Instagram accesses their photos and think, 'That makes sense, I use it to post photos.' Others think, 'I never upload anything,' and revoke it. Both are right. But you can only choose if you know.