How to prevent Home Assistant Companion tracking the device and to control sensors only from the device itself?

Hello.
I just installed Home Assistant companion app on my android device.
I noticed that it by default sends some technical information about the device, battery, etc without asking the user of the phone.
Also, even though the sensors can be disabled in the app configuration, those sensors can be enabled from the Home Assistant Web GUI by an administrator, again, without asking the user of the phone whether to enable the sensors the admin requested.

I think the sensors and other privacy-related information about the device must be controlled by the owner of the phone, but not by the administrator of Home Assistant server. Or at least there should be an option in the companion app to deny the access.

Is there anything like that already implemented?

How do you re-enable the sensors in the web GUI?
I have never seen that option.

Go to Settings → Devices & Services → Click on “device” link:
image|286x185
Click on sensor you want to enable:


In the opened popup go to Settings tab, open Advanced settings and choose Enabled radio button:
image|329x500

What you asking for would be more restrictive than what iOS has built in — and Apple typically cares about this stuff. Location, fitness/movement, camera and mic all needs user approval.

I’m genuinely curious: Would you mind listing the sensors of concern and what your concern is for each (e.g. how it could be abused)?

Well, I know that location, camera, wifi, etc sensors require user permission because without it Android OS wouldn’t allow the Home Assistant app to access them.

But there are other sensors that are (more or less) privacy invasive that can be accessed/changed without user consent, and even without notifying the user about the change:

  • Next Alarm
  • Audio mode
  • Headphones
  • Mic muted
  • Music active
  • Ringer mode
  • Speakerphone
  • Battery level
  • Is charging
  • Do Not Disturb sensor
  • Device Locked
  • Last Reboot
  • Light Sensor
  • Public IP Address
  • Proximity sensor
  • Internal Storage
  • Current Time Zone

It’s cool to have such sensors when you need it. But I use the Home Assistant companion app on Android only as an alternative to a Web GUI in a browser, so I always logged in, etc. I do not plan to use any of those sensors and I don’t want the app to track them and to enable them if the administrator request to do so.

I have tested it on my Android and I might be able to enable the sensor in HA, but it is still disabled on the phone, so I do not think the phone settings are controllable from HA.
The enable sensor will just enable it in HA, but you will still not receive any data, if you have not also enabled it on the phone.

You need to wait for the app to update the sensors, but eventually, it’ll be enabled and updated. You also need to have this option enabled:

I would also like to see an option to permanently forbid all sensors, or at least disable everything by default on server side.
My use case is I want to give access to employees of our SMB to a dedicated HA instance to open garage doors (no permissions needed, only the needed entities would be exposed). Of course, there’s no way I want any of their phone data to land on HA. The web interface through a browser could be enough, but I also want widgets for quick access.